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(57) A specific-accessible service and a commonly 
accessible service can co-exist while ensuring security 
with respect thereto. It is assumed that in a common ar- 
ea of a company A's issued IC card an electronic value 
corresponding to 1000 yen has been registered and a 
specific area of the common area has a specific-acces- 
sible service point of 50 (corresponding to 50 yen) reg- 
istered. 

With respect to the commonly accessible electronic val- 
ue and specific-accessible service point that are regis- 



tered in the enterpriser A's issued IC card, addition and 
subtraction can be-both executed using a specific key 
A registered in the company A's terminal apparatus. 
However, in each of the respective co-operating com- 
panies' terminal apparatus, with respect to the common- 
ly accessible electronic value, only subtraction process- 
ing is possible using a common key registered therein. 
But, to the processing that is executed with respect to 
the specific-accessible service point registered in the 
specific area, that terminal apparatus has no accessing 
right. 
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Description 

[0001 ] The present invention relates to a data storage 
device and data storage method, an information 
processing apparatus and information processing meth- s 
od, and a program. 

[0002] In an electronic money system or a security 
system, the use of an IC (Integrated Circuit) card has 
more widely been increased. The "IC card" means a 
card-shaped device having embedded therein an IC 10 
chip. It has built therein for example an operation 
processing part such as a CPU (Central Processing 
Unit) for executing various kinds of processings, a mem- 
ory for storing therein data necessary for executing 
these processings, etc. It operates with a prescribed '5 
reader/writer that has been utilized with respect thereto. 
Reading and writing of data with respect to the IC card 
are thereby executed in a state where the IC card is in 
electric contact with the reader/writer or in a stale of non- 
contact therewith that uses electromagnetic waves. 
[0003] For example, in an ISO (International Organi- 
zation for Standardization) 7816, there is defined a 
standard for a contact type of IC card. According to this 
standard, there can be managed data with use of. for 
example, an EF (Elementary File) ( corresponding to the 
so-called "file") for storing therein a file and a DF for stor- 
ing therein the EF and DF (Dedicated File) ( correspond- 
ing to the so-called "directory (folder)"). Accordingly, if 
setting a certain piece of DF as a parent hierarchy and 
providing a DF that constitutes a said-parent's child hi- 
erarchy, it becomes possible to manage data in the form 
of a hierarchical structure. 

[0004] By the way, in case using the IC card for the 
purpose of providing service by a plurality of managers, 
there can be considered as being available therefor a 
method of allotting the DF, serving as a hierarchy, to 
each of a plurality of the managers and storing with re- 
spect to this DF the EF having therein data regarding 
the provision of service by each manager. 
[0005] Also, in case utilizing the IC card in connection 
with-an electronic money system or a security system, 
ensuring the security for concealment of data, for pre- 
vention of the forgery of the IC card, etc. is important. 
To this end, it is necessary to perform the resources 
management for storage of data or to perform the ac- 
cess control the access of that with respect to data is 
highly flexible and yet has a high level of security. 
[0006] As the technique for performing the access 
control the access of that with respect to data is highly 
flexible and yet has a high level of security, there is, for 
example, a technique that is described in an official ga- 
zette of Japanese Patent Application No. 2000-36021. 
According to this cited invention, there are area-defini- 
tion areas corresponding to the directories of the IC 
cards. Those area-definition areas store therein the 
ranges of codes that are the ranges of usable identifi- 
cation codes (each corresponding to a filename or di- 
rectory name). Said area-definition areas constitute a 



hierarchical structure in which according to those rang- 
es of codes the data in one area-definition area is used 
as that corresponding to a parent hierarchy and the data 
in another is used as that corresponding to a child hier- 
archy. Further, in the area-definition areas, there are al- 
so stored the capacities (empty capacities). By these 
empty capacities and ranges of codes, in the hierarchy 
that falls upon a certain area-definition area, the usable 
capacity and identification code therein are respectively 
limited. 

[0007] Further, according to that cited invention, there 
is used two or more in number a hierarchical key that is 
used with respect to each hierarchy corresponding to 
the memory area having such data stored therein, or a 
data memory area key that is used with respect to the 
memory area having such data stored therein. Using 
those keys, there are produced authentication keys that 
are used for authentication. According to each of those 
authentication keys, authentication is performed. And, 
the authentication key that is used when utilizing the par- 
ent's hierarchy is made unknown to the user who uses 
the child's hierarchy. Further, a right to access the exer- 
cise of that is permitted with respect to the child's hier- 
archy is given with respect to the service-definition area 
that among the area-definition areas constitutes a 
child's hierarchy. Therefore, the manager who manages 
the parent's hierarchy becomes able to give each user 
the right to have access to a different service-definition 
area. 

[0008] As the electronic money becomes more dif- 
fused and as the service, that uses an IC card, becomes 
more diversified, there has been an increasing demand 
for the provision of more services through mutual use, 
by a plurality of service providers, of one sheet of IC 
card. 

[0009] In case making mutual use of one sheet of IC 
card by a plurality of service providers, it must be ar- 
ranged that the information or application regarding a 
specific service a certain service provider offers cannot 
be accessed when permission therefor is made by the 
other service providers that make mutual use of that IC 
card. With this security being maintained as is, it must 
be arranged that the information or application regard- 
ing the service that is mutually used can be possessed 
by each of the service providers that are performing their 
mutual use operation. 

[0010] However, in case data for realizing various 
kinds of services that are jointly use-operated or individ- 
ually use-operated by a plurality of service providers has 
been defined within the IC card as physically specific or 
individual blocks, the following means becomes neces- 
sary. Namely, it becomes necessary to use, within the 
reader/writer and IC card : means for, when part of the 
data that is being jointly use-operated has been reload- 
ed, synchronizing the data contents in a specific block 
for providing its relevant service with those in another 
specific block for providing its relevant service. As a re- 
sult of this, the cost of the reader/writer and that of the 
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IC card have both been increased. Further, when defin- 
ing the data for realizing various kinds of services phys- 
ically as specific blocks, owing to the physical blocks 
with respect to that a plurality of definitions have been 
made the memory capacity inside the card is wasted. 
This has caused an obstruction when supplying more 
points of service. 

[0011] Various aspects of present invention are de- 
fined in the appended claims. 

[0012] The present invention has been made in view 
of the above-described circumstances. That is, embod- 
iments of the present invention are intended, in an IC 
card by the use of that for example a plurality of enter- 
prises to provide a plurality of services, to cause a spe- 
cificusable service and a commonly usable service to 
co-exist while ensuring the security as taken with re- 
spect to the applications or data that is used to provide 
the respective enterprises' services. 
[001 3] A data storage device of the present invention 
is characterized by being equipped with first memory 
that has a first recording area for recording therein first 
data and first authentication information with respect to 
the fist data and that has a second recording area for 
recording therein second data and second authentica- 
tion information with respect to the second data, data 
input/output control means that controls the input/output 
of the data with respect to the information-processing 
apparatus, determination means that according to the 
authentication information whose input thereto from the 
information-processing apparatus is controlled by the 
data input/output control means and the first authenti- 
cation information and second authentication informa- 
tion determines whether the transmission/reception of 
the first data and second data recorded in the first mem- 
ory should be performed with respect to the information- 
processing apparatus, and calculation-process execu- 
tion means that of the first data and second data record- 
ed in the first memory executes calculation process ac- 
cording to the first data and second data with regard to 
that it has been determined by the determination means 
that the transmission/ reception of the data should be 
performed by the data storage device with respect to the 
information-processing apparatus, whereby the first 
memory causes third data of the first data recorded in 
the first recording area to be stored therein in associa- 
tion with fourth data of the second data recorded in the 
second recording area, and the calculation-process ex- 
ecution means, in case it has been determined by the 
determination means that the information -processing 
apparatus performs data transmission/reception on the 
third data, executes calculation process with respect to 
the fourth data. 

[001 4] Each of the first authentication information and 
second authentication information can be caused to in- 
clude therein information indicating whether read-out, 
write-in, addition, or subtraction processing with respect 
to the first data and the second data can be executed, 
and the determination means can be caused to deter- 



mine, according to the authentication information input 
from the information-processing apparatus and the first 
authentication and second authentication information, 
which one of the read-out, write-in, addition, or subtrac- 
s tion processing included in the calculation processings 
the calculation-process execution means executes can 
be executed. 

[0015] Each of the first data and second data can be 
caused to include an application for providing a pre- 

10 scribed piece of service, the application is caused to be 
defined by a corresponding different code information, 
the calculation-process execution means can be 
caused to execute the calculation process according to 
the application, and the determination means can be 
caused to determine, according to the code information 
contained in the authentication information input from 
the information-processing apparatus, according to 
which application the calculation-processing execution 
means should execute calculation process. 

20 [0016] The data storage device can be further 
equipped with second memory that, in case the data 
transmission/reception of the data storage device with 
respect to the information-processing apparatus has 
been performed, separately records the first authentica- 

25 tion information or second authentication information, 
according to which one of that first authentication infor- 
mation or second authentication information indicating 
the contents of the datatransmission/reception has 
been used for this data transmission/ reception. 

30 [0017] A data storage method of the present invention 
is characterized by including a recording control step 
that controls the recording of the data into a first record- 
ing area for recording therein first data and first authen- 
tication information with respect to the fist data and a 

35 second recording area for recording therein second data 
and second authentication information with respect to 
the second data, a data input/output control step that 
controls the input/output of the data with respect to the 
information-processing apparatus, a determination step 

40 that according to the authentication information whose 
input thereto from the information-processing apparatus 
is controlled by the processing of the data input/output 
control step and the first authentication information and 
second authentication information determines whether 

45 the transmission/ reception of the first data and second 
data the recording of that has been controlled by the 
processing of the recording control step should be per- 
formed with respect to the information-processing ap- 
paratus, and a calculation-process execution step that 

so of the first data and second data the recording of that is 
controlled by the processing of the recording control 
step executes calculation process according to the first 
data and second data with regard to that it has been 
determined by the processing of the determination step 

55 that the transmission/reception of the data should be 
performed by the data storage device with respect to the 
information-processing apparatus, whereby the record- 
ing control step causes third data of the first data record- 
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ed in the first recording area to be stored therein in as- 
sociation with fourth data of the second data recorded 
in the second recording area, and the calculation-proc- 
ess execution step, in case it has been determined by 
the determination step that the information-processing 5 
apparatus performs data transmission/reception on the 
third data, executes calculation process with respect to 
the fourth data. 

[001 8] A first information-processing apparatus of the 
present invention is characterized by being equipped 
with data input/output control means that controls the 
input/output of the data with respect to the data storage 
device, first memory that records at least one authenti- 
cation information used for performing the transmission/ 
reception of a prescribed item of data that is included in 
the data recorded in the data storage device, and sec- 
ond memory that in case the data transmission/recep- 
tion of the data storage device with respect to the infor- 
mation-processing means has been performed sepa- 
rately records information indicating the contents of the 
data transmission/reception every authentication infor- 
mation used for the data transmission/reception. 
[0019] The first information-processing apparatus 
can be further equipped with selection means that 
among the information recorded in the second memory 
and indicating the contents of the data transmission/re- 
ception selects information indicating the data transmis- 
sion/reception that has been performed using a pre- 
scribed authentication information, and output control 
means that controls the output to another information- 
processing apparatus of the information indicating the 
contents of the data transmission/ reception the data of 
that has been selected by the selection means. 
[0020] A first information-processing method of the 
present invention is characterized by including a data 
input/output control step that controls the input/output 
of the data with respect to the data storage device, a 
first recording control step that controls the recording of 
at least one authentication information that is performed 
for performing the transmission/reception of a pre- 
scribed item of data that is included in the data recorded 
in the data storage device, and a second recording con- 
trol step that in case the data transmission/reception of 
the data storage device with respect to the information- 
processing apparatus has been performed controls the 
separate recording performed every authentication in- 
formation used for the data transmission/reception, of 
information indicating the contents of the data transmis- 
sion/reception. 

[0021] A first program of the present invention is char- 
acterized by including a data input/output control step 
that controls the input/ output of the data with respect to 
the data storage device, a first recording control step 
that controls the recording of at least one authentication 
information that is performed for performing the trans- 
mission/reception of a prescribed item of data that is in- 
cluded in the data recorded in the data storage device, 
and a second recording control step that in case the data 



transmission/reception of the data storage device with 
respect to the information-processing apparatus has 
been performed controls the separate recording per- 
formed every authentication information used for the da- 
ta transmission/reception, of information indicating the 
contents of the data transmission/reception. 
[0022] A second information-processing apparatus of 
the present invention is characterized by being 
equipped with memory that records first authentication 
and second authentication information that are used 
when the data storage device and the second informa- 
tion-processing apparatus perform data transmission/ 
reception therebetween, and code information defining 
each of a plurality of data the data storage device stores 
therein, encoder means that encodes the first authenti- 
cation information, and output control means that con- 
trols the output to the second informat ion-processing 
apparatus of the first authentication information encod- 
ed by the encoder means., the second authentication in- 
formation, and a prescribed item of the code informa- 
tion. 

[0023] A second information-processing method of 
the present invention is characterized by including a re- 
cording control step that controls the recording of first 
authentication and second authentication information 
that are used when the data storage device and the sec- 
ond information-processing apparatus perform data 
transmission/reception therebetween, and code infor- 
mation defining each of a plurality of data the data stor- 
age device stores therein an encoding step that en- 
codes the first authentication information, and an output 
control step that controls the output to the second infor- 
mation-processing apparatus of the first authentication 
information encoded by the processing of the encoding 
step, the second authentication information, and a pre- 
scribed item of the code information. 
[0024] A second program of the present invention is 
characterized by including a recording control step that 
controls the recording of first authentication and second 
authentication information that are used when the data 
storage device and the second information-processing 
apparatus perform data transmission/reception there- 
between, and code information defining each of a plu- 
rality of data the data storage device stores therein, an 
encoding step that encodes the first authentication in- 
formation, and an output control step that controls the 
output to the second information-processing apparatus 
of the first authentication information encoded by the 
processing of the encoding step, the second authenti- 
cation information, and a prescribed item of the code 
information. 

[0025] A third information -processing apparatus of 
the present invention is characterized by being 
equipped with input control means that controls the input 
of the first information that regards the data transmis- 
sion/reception executed by a corresponding one of the 
other information-processing apparatus with respect to 
the data storage device, production means that produc- 
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es second information regarding the data transmission/ 
reception that corresponds to a plurality of the other in- 
formation-processing apparatus, according to the first 
information the input of that has been controlled by the 
input control means, and output control means that con- 
trols the output to the corresponding other information- 
processing apparatus, of the second information pro- 
duced by the production means. 
[0026] A third information-processing method of the 
present invention is characterized by including an input 
control step that controls the input of the first information 
that regards the data transmission/reception executed 
by a corresponding one of the other information- 
processing apparatus with respect to the data storage 
device, a production step that produces second infor- 
mation regarding the data transmission/reception that 
corresponds to a plurality of the other information- 
processing apparatus, according to the first information 
the input of thai has been controlled by the processing 
of the input control step, and an output control step that 
controls the output to the corresponding other informa- 
tion-processing apparatus, of the second information 
produced by the processing of the production step. 
[0027] A third program of the present invention is 
characterized by including an input control step that con- 
trols the input of the first information that regards the 
data transmission/reception executed by a correspond- 
ing one of the other information-processing apparatus 
with respect to the data storage device, a production 
step that produces second information regarding the da- 
ta transmission/ reception that corresponds to a plurality 
of the other information-processing apparatus, accord- 
ing to the first information the input of that has been con- 
trolled by the processing of the input control step, and 
an output control step that controls the output to the cor- 
responding other information-processing apparatus, of 
the second information produced by the processing of 
the production step. 

[0028] In the data storage device and data storage 
method of the present invention . data is recorded in a 
first recording area for recording therein first data and 
first authentication information with respect to the first 
data and in a second recording area for recording there- 
in second data and second authentication information 
with respect to the second data; the input/output of the 
data with respect to the information-processing appara- 
tus is controlled; according to the authentication infor- 
mation that has been input from the information- 
processing apparatus and the first authentication infor- 
mation and second authentication information it is de- 
termined whether the transmission/reception of the first 
data and second data should be performed with respect 
to the information-processing apparatus; of the first data 
and second data, according to the first data and second 
data with regard to that it has been determined that the 
transmission/reception of the data should be performed 
by the data storage device with respect to the informa- 
tion-processing apparatus, calculation process is exe- 



cuted; third data of the first data recorded in the first re- 
cording area is recorded in association with fourth data 
of the second data recorded in the second recording ar- 
ea; and in case the information-processing apparatus 
5 performs data transmission/reception on the third data 
calculation process is executed with respect to the 
fourth data. 

[0029] In a first information-processing apparatus, 
first information-processing method, and a program re- 

10 corded in the first recording medium of the present in- 
vention, there is controlled the input/output of the data 
with respect to the data storage device; there is record- 
ed at least one authentication information used for per- 
forming the transmission/reception of a prescribed item 

15 of data that is included in the data recorded in the data 
storage device; and in case the data transmission/re- 
ception of the data storage device with respect to the 
information-processing apparatus has been performed 
there is separately recorded information indicating the 

20 contents of the data transmission/reception every au- 
thentication information used for the data transmission/ 
reception. 

[0030] In a second information-processing apparatus, 
second - information-processing method and a program 

25 recorded in the second recording medium of the present 
invention, there are recorded first authentication and 
second authentication information that are used when 
the data storage device and another information- 
processing apparatus perform data transmission/recep- 

30 tion therebetween, and code information defining each 
of a plurality of data the data storage device stores 
therein; there is encoded the first authentication infor- 
mation; and there are output to the another information- 
processing apparatus the first authentication informa- 

35 tion encoded, the second authentication information, 
and a prescribed item of the code information. 
[0031] In a third information-processing apparatus, 
third information-processing method, and a program re- 
corded in a third recording medium of the present inven- 

40 tion, there is input the first information that regards the 
data transmission/reception executed by a correspond- 
ing one of the other information-processing apparatus 
with respect to the data storage device; there is pro- 
duced second information regarding the data transmis- 

45 sion/reception that corresponds to a plurality of the other 
information-processing apparatus, according to the first 
information that has been input; and there is output to 
the corresponding other information-processing appa- 
ratus the second information that has been produced. 

so [0032] The invention will now be described by way of 
example with reference to the accompanying drawings, 
throughout which like parts are referred to by like refer- 
ences, and in which: 

55 FIG. 1 is a block diagram illustrating the construc- 
tion of a card system to that the present invention 
is applied; 

FIG. 2 is a block diagram illustrating the construc- 
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tion of a reader/writer of FIG. 1 ; 
FIG. 3 is a block diagram illustrating the construc- 
tion of an IC card of FIG. 1 ; 
FIG. 4 is a block diagram illustrating the construc- 
tion of a controller of FIG. 1 ; 5 
FIG. 5 is a view illustrating a logical format of the 
EEPROM of FIG. 3; 

FIG. 6 is a view illustrating the construction of ap- 
plications recorded in the EEPROM of FIG. 3; 
FIG. 7 is a view illustrating the relationship between io 
an IC card issuer and its co-operators; 
FIG. 8 is a view illustrating examples of the appli- 
cations recorded in the EEPROM of FIG. 3; 
FIG. 9 is a view illustrating the delivery/receipt of an 
authentication key between the managers; is 
FIG. 10 is a view illustrating the processing for au- 
thenticating the IC card that is executed in an issu- 
er's managed terminal apparatus; 
FIG. 11 is a view illustrating the processing for au- 
thenticating the IC card that is executed in a co-op- 20 
erator*s managed terminal apparatus; 
FIG. 12 is a flow chart illustrating the processing of 
the terminal apparatus; 

FIG. 13 is a flow chart illustrating a commonly ac- 
cessible electronic value filling process; 25 
FIG. 14 is a flow chart illustrating a specific-acces- 
sible service point write-in process; 
FIG. 15 is a flowchart illustrating the commonly ac- 
cessible electronic value and specific-accessible 
service point write-in process; 30 
FIG. 16 is a view illustrating the accessing right to 
the applications in the specific and the common ar- 
ea that is imparted to a co-operator that co-operates 
with the IC card's issuer; 

FIG. 17 is a flow chart illustrating a point/value uti- 35 
lization process that is executed by an object store 
with respect to that specific access is permitted; 
FIG. 1 8 is a flow chart illustrating an electronic value 
utilization process that is executed by an object 
store with respect to that common access is permit- 40 
ted; 

FIGS. 19A and 19B are views each illustrating the 
IC card issuer, the co-operator, and an IC card cent- 
er; 

FIG. 20 is a block diagram illustrating the construe- 45 
tion of the personal computer of FIG. 19; 
FIG. 21 is a flow chart illustrating the settlement 
process that is executed by each of the IC card is- 
suer, the co-operator, and the IC card center; 
FIG. 22 is a flow chart illustrating the settlement so 
process that is executed by each of the IC card is- 
suer, the co-operator, and the IC card center; 
FIG. 23 is a view illustrating the accessing right to 
the applications in the specific and the common ar- 
ea that is imparted to a co-operator that co-operates 55 
with the IC card's issuer; 

FIG. 24 is a view illustrating the accessing right to 
the applications in the specific and the common ar- 



ea that is imparted to a co-operator that co-operates 
with the IC card's issuer; - 

FIG. 25 is a view illustrating the accessing right to 
the applications in the specific and the common ar- 
ea that is imparted to a co-operator that co-operates 
with the IC card's issuer: 

FIG. 26 is a view illustrating the accessing right to 
the applications in the specific and the common ar- 
ea that is imparted to a co-operator that co-operates 
with the IC card's issuer; 

FIG. 27 is a flow chart illustrating the electronic val- 
ue write-in process the write-in of that with respect 
to the electronic value is performed using a specific 
key other than an issuer's one; 
FIG. 28 is a flow chart illustrating the settlement 
process that in case the write-in with respect to the 
electronic value has been performed using a spe- 
cific key other than an issuer's one is executed in 
each of the issuer and the co-operator; 
FIG. 29 is a view illustrating the delivery/receipt of 
a common key between the managers; and 
FIG. 30 is a view illustrating the common posses- 
sion of services (applications) between the manag- 
ers. 

[0033] An embodiment of the present invention will 
hereafter be explained with reference to the drawings. 
[0034] FIG. 1 illustrates the construction of a non-con- 
tact type card system to which the present invention has 
been applied. 

[0035] This non-contact type of card system is con- 
structed of a reader/writer 1 , an IC card 2, and a con- 
troller 3. Between the reader/writer 1 and the IC card 2, 
no n -contact type transmission and reception of data are 
performed using electromagnetic waves. 
[0036] Namely, the reader/writer 1 transmits a pre- 
scribed command to the IC card 2, The IC card 2 re- 
ceives that command and thereby executes a piece of 
processing corresponding to that command. And, the IC 
card 2 transmits to the reader/writer 1 response data 
that responds to the processed result. 
[0037] The reader/writer 1 is connected to the control- 
ler 3 via a prescribed interface (e.g. the one that is pre- 
pared in accordance with a standard of RS-485A). The 
controller 3 supplies a prescribed control signal to the 
reader/writer 1 to thereby cause it to execute its pre- 
scribed piece of processing. 

[0038] FIG. 2 is a block diagram illustrating the con- 
struction of the reader/writer 1 illustrated in FIG. 1 . 
[0039] An IC 21 is constructed of a DPU (Data 
Processing Unit) 31 that executes processing of data, 
an SPU (Signal Processing Unit) 32 that executes 
processing of data, which is transmitted to the IC card 
2, and that executes processing of data, which has been 
received from the IC card 2, an SCC (Serial Communi- 
cation Controller) 33 that performs communication with 
the controller 3, and a memory 34 constructed of a ROM 
(Read Only Memory) 41 that stores therein beforehand 
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information necessary for processing of data and a RAM 
(Random Access Memory) 42 that temporarily stores 
therein data that is in the course of processing. Ail ele- 
ments that are included from the DPU 31 to the memory 
34 are connected to one another via a bus 35. 
[0040] Also, to this bus 35, there are connected, too, 
a flash memory 22 that stores therein prescribed data 
such as, for example, data necessary for authentication 
and a drive 28. To the drive 28 there are mounted ac- 
cording to the necessity a magnetic disk 45, an optical 
disk 46, a magneto-optical disk 47, and a semiconductor 
memory 48. Thereby, transmission and reception of da- 
ta are performed between the both. 
[0041] An antenna 27 monitors the state of load while 
radiating prescribed electromagnetic waves. By doing 
so, the antenna 27 detects whether the IC card 2 has 
been mounted with respect thereto. It thereby performs 
transmission and reception of data with respect to the 
IC card 2 that has been mounted thereto. The details on 
the transmission and reception of data with respect to 
the IC card 2 will be described later 
[0042] A demodulator circuit 25 demodulates a mod- 
ulated wave (ASK (Amplitude Shift Keying) modulated 
wave) that it has received via the antenna 27, and out- 
puts to the SPU 32 the data that has been demodulated. 
[0043] The SPU 32 has input thereto via the demod- 
ulator 25 the response data that has been transmitted 
on from the IC card 2. It executes a prescribed piece of 
processing (e.g. BPSK (Binary Phase Shift Keying) 
modulation (coding into the Manchester code), etc.) with 
respect to that response data. It simultaneously similarly 
executes a prescribed piece of processing with respect 
to the command that is to be transmitted to the IC card 
2. It thereafter outputs the resulting signal to a modulator 
circuit 23. 

[0044] The DPU 31 has input thereto via the SPU 32 
and bus 35 the response data received from the IC card 
2 and has input thereto via the SCC 33 and bus 35 the 
control signal input from the controller 3. It thereby ex- 
ecutes processing that accords with the response data 
and control signal that has been input thereto. It outputs 
the command, that is to be transmitted to the IC card 2, 
to the SPU 32 via the bus 35 : or outputs the data, that 
is to be transmitted to the controller, to the SCC 33 via 
the bus 35. 

[0045] The modulator circuit 23 performs ASK modu- 
lation of a carrier wave, the frequency of that is pre- 
scribed (e.g. 13. 56 MHz), and that is supplied from an 
oscillator (OSC) 26, according to the data that is sup- 
plied from the SPU 32. It outputs the thus-produced 
modulation waves to the IC card 2 via the antenna 27 
as the electromagnetic waves. It is to be noted that it is 
arranged that at this time the modulator circuit 23 per- 
forms ASK modulation by its modulation degree being 
made less than 1 . It is thereby arranged that even when 
the data has a low level the maximum amplitude of the 
modulation waves be prevented from becoming zero. 
[0046] The SCC 33 supplies the data, that has been 



input from the controller 3, to the DPU 31 via the bus 35, 
or outputs the data, that has been input from the DPU 
31 via the bus 35, to the controller. 
[0047] FIG. 3 is a block diagram illustrating the con- 

5 struction of the IC card 2 illustrated in FIG. 1 . 

[0048] An IC 51 of the IC card 2 receives the modu- 
lation waves that have been transmitted on from the 
reader/writer 1 through the antenna 53. A capacitor 52 
constitutes an LC circuit jointly with the antenna 53 and 

10 the modulation waves thereof tune (resonate) with the 
electromagnetic waves having a prescribed frequency 
(carrier frequency). 

[0049] An interface part 61 of the IC 51 has an ASK 
demodulation part 81 that wave-detects the modulation 

*5 waves (ASK modulation -waves) that it has received via 
the antenna 53, and demodulates them. The ASK de- 
modulation part 81 then outputs the post-modulation da- 
ta to a BPSK modulation part 62 and to a PLL (Phase 
Locked Loop) part 63. The interface part 61 also has a 

20 voltage regulator 82 that stabilizes the signal the ASK 
demodulation part 81 has wave-detected, and the volt- 
age regulator 82 supplies it to each of its relevant circuits 
as a direct current power source. Further, the interface 
part 61 has an oscillator circuit 83 that oscillates a signal 

25 having the same frequency as the clock frequency of 
the data signal and that outputs that signal to the PLL 
part 63. 

[0050] Data is transmitted from the IC card 2 to the 
reader/writer 1 . In this case, an ASK modulation part 84 

30 of the interface part 61 causes, for example, a pre- 
scribed switching element to go "onVoff" in correspond- 
ence with the data that is supplied from a calculation 
part 64 via a BPSK modulation part 68. And, only when 
the switching element is in a state of being "on", the ASK 

35 modulation part 84 causes a prescribed magnitude of 
load to be connected to the antenna 53 in parallel there- 
with. By doing so, the ASK modulation part 84 causes 
the fluctuation in the load of the antenna 53 that serves 
as the power source for the IC card 2. According to the 

40 fluctuation in the load of the antenna 53, the ASK mod- 
ulation part 84 performs ASK modulation of the modu- 
lation waves the IC card 2 is receiving via the antenna 
53. (When receiving data from the IC card 2, namely 
when transmitting datato the IC card 2, the reader/writer 

45 1 has kept constant the maximum amplitude of the mod- 
ulation waves it outputs. The ASK modulation part 84 
performs ASK modulation of those modulation waves 
according to the fluctuation in the load-of the antenna 
53.) The ASK modulation part 84 transmits those mod- 

50 ulation components to the reader/writer 1 via the anten- 
na 53 (i.e. the ASK modulation part 84 causes the fluc- 
tuation in the terminal voltage of the antenna 27 of the 
reader/writer 1). 

[0051] The PLL part 63 receives data from the ASK 
55 demodulation part 81 and, from this data, produces a 
clock signal that is synchronized with that data. That 
clock signal is output to the BPSK demodulation part 62 
and to the BPSK modulation part 68. When the data that 
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has been modulated by the ASK demodulation part 81 
is being BPSK-modulated, the BPSK demodulation part 
62 demodulates that data (decoding of the one-chester 
code) according to the clock signal supplied from the 
PLL part 63, and outputs the thus- demodulated data to 
the calculation part 64. 

[0052] In case the data supplied from the BPSK de- 
modulation part 62 is the one that has already been en- 
coded, the calculation part 64 decodes that data by its 
encoding/decoding part 92. Thereafter, this data is proc- 
essed in a sequencer 91 . It is to be noted that in case 
that data is the one that is not encoded, the data sup- 
plied from the BPSK demodulation part 62 is directly 
supplied to the sequencer 91 without being passed 
through the encoding/decoding part 92. 
[0053] The sequencer 91 executes various kinds of 
processings that accord with the commands that are in- 
put thereto. Namely, the sequencer 91 executes write- 
in or read-out of data with respect to, for example, an 
EEPROM (Electrically Erasable and Programmable 
Read Only Memory) 66 and in addition executes neces- 
sary steps of calculation processing with respect to that 
data. Further, the- sequencer 91 executes access con- 
trol resulting from performance of authentication, the 
management of the EEPROM 66, etc. 
[0054] A parity calculation part 93 of the calculation 
part 64 calculates, for example, a lead Solomon's code, 
as parity data, from the data stored in the EEPROM 66 
orfrom the data stored in the EEPROM 66. Further, after 
having executed a prescribed step of processing in the 
sequencer 91. the calculation part 64 outputs to the 
BPSK modulation part 68 the response data corre- 
sponding to that prescribed step of processing (the data 
that is transmitted to the reader/writer 1). The BPSK 
modulation part 68 performs BPSK modulation of the 
data that has been supplied by the calculation part 64, 
and outputs the post-modulation data to the ASK mod- 
ulation part 84 of the interface part 61 . 
[0055] The ROM 65 stores therein a program for ex- 
ecuting processing by the sequencer 91 and stores 
therein data that is necessary for the execution of the 
program. The RAM 67 temporarily stores therein, for ex- 
ample, data that when the sequencer 91 performs 
processing occurs in the course of the processing. The 
EEPROM 66 is a non-volatile memory, which even after 
the IC card 2 terminates its communication with the 
reader/writer 1 and the supply of the power thereto has 
been stopped continues to have its data kept stored 
therein. 

[0056] Next, the data transmission/reception 
processing between the reader/writer 1 and the IC card 
2 will be explained. 

[0057] The reader/writer 1 that has been explained 
using FIG. 2 radiates prescribed electromagnetic waves 
from its antenna 27, and, in this state, monitors the state 
of load of the antenna 27. The reader/writer 1 thereby 
is kept on standby until it detects the variation in this 
state of load due to the approach thereto of the IC card 



2. It is to be noted that it may be arranged to cause the 
reader/writer 1 to perform the following piece of process- 
ing ( polling). Namely, the reader/writer 1 may radiate 
electromagnetic waves that have been ASK-modulated 
5 by data whose pattern is a prescribed short pattern and 
may thereby repeat a calling over the IC card 2 until a 
response from the IC card 2 is obtained within a pre- 
scribed length of time. 

[0058] When in the reader/writer 1 the approach 

10 thereto of the IC card 2 is detected, the SPU 32 thereof 
operates as follows. Namely, the SPU 32 uses a rectan- 
gular wave signal having a prescribed frequency (e.g. 
the frequency twice as high as the clock frequency of 
the data) as a carrier wave. The SPU 32 thereby causes 

* 5 BPSK modulation through the use of data transmitted 
to the IC card 2 (e.g. a command corresponding to a 
piece of processing that the IC card 2 is caused to exe- 
cute or data that is written into the IC card 2 or the like). 
The thus-produced modulated wave (BPSK modulated 

20 signal) is output to the modulator circuit 23. 

[0059] Incidentally, at the time of the BPSK modula- 
tion, it is possible to cause the data to correspond to a 
change in the phase of the modulated wave by utilizing 
a technique of differential conversion. In this case, even 

25 when the BPSK modulated signal is inverted, it is de- 
modulated to the original data. Therefore, it becomes 
unnecessary to consider the conversion of the polarity 
of the modulated wave when performing demodulation. 
[0060] The modulator circuit 23 performs ASK modu- 

30 lation of a - prescribed carrier wave, with use of the 
BPSK modulation signal input thereto, at a degree of 
modulation (= the maximum amplitude of the data sig- 
nal/the maximum amplitude of the carrier wave) the val- 
ue of that is less than 1 (for example, 0. 1). The modu- 

35 lator circuit 23 transmits the thus-produced modulated 
wave (ASK modulated wave) to the IC card 2 through 
the antenna 27. 

[0061] Incidentally, when no transmission is per- 
formed ; of the two levels (high level and low level) of the 

40 digital signal it is arranged that the modulator circuit 23 
produces a modulated wave through the use of, for ex- 
ample, a high-level digital signal. 
[0062] The IC card 2 that has been explained using 
FIG. 3 has the LC circuit that is constructed of the an- 

45 tenna 53 and the capacitor 52, in which part of the elec- 
tromagnetic waves radiated by the antenna 27 of the 
reader/writer 1 is converted to an electric signal. This 
electric signal (the modulated wave) is output to the in- 
terface part 61 of the IC 51 . And, the ASK demodulation 

50 part 81 of the interface part 61 performs rectification and 
smoothing of that modulated wave and thereby per- 
forms envelope wave detection of it. The ASK demod- 
ulation part 81 supplies the signal that is thereby pro- 
duced, to the voltage regulator 82 and simultaneously 

55 suppresses the direct current components of that signal. 
It thereby extracts data signal from that signal. It then 
outputs this signal to the BPSK demodulation part 62 
and to the PLL part 63. 
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[0063] It is to be noted that at this time the terminal 
voltage v* 0 of the antenna 53 is expressed in the form 
of. for example, the following equation (1). 

V 0 = V 10 (1 + kx Vs(t))cos(a>t)... (1) 

where the V 10 cos (cot) represents the earner wave; the 
k represents the degree of modulation; and the Vs (t) 
represents the data the SPU 32 outputs. 
[0064] Also, the low-level value VLR of the voltage V1 
after the rectification performed by the ASK demodula- 
tion part 81 is expressed in the form of, for example, the 
following equation (2). 

v lr = v io< 1 +kx(-1))-Vf ... (2) 

where the Vf represents the voltage drop that occurs in 
the diode (not illustrated) constituting a rectifier circuit 
that in the ASK demodulation part 81 is intended to per- 
form rectification and smoothing. The Vf generally is 0. 
7 volts or so. 

[0065] When the voltage regulator 82 receives the 
signal that has been rectified and smoothed by the ASK 
demodulation part 81 , the voltage regulator 82 stabilizes 
this signal and supplies it to each of the respective rel- 
evant circuits including the calculation part 64 as a direct 
current power source. It is to be noted that here, as stat- 
ed above, since the degree of modulation k of the mod- 
ulated wave is less than 1 , the fluctuation in the voltage 
(the difference between the high level and the low level) 
after rectification is small. Accordingly, in the voltage 
regulator 82, it is possible to easily produce the direct 
current power source. 

[0066] Here : for example, in case having received the 
modulated wave the degree of modulation k of that is 
5% so that the V 10 may become equal to or more than 
3 volts, the post-rectification low-level voltage V LR be- 
comes equal to or more than 2. 15 (= 3 x (1 - 0. 05) - 0. 
7) volts. Therefore, the voltage regulator 82 can supply 
a voltage that is sufficiently high as the power source, 
to each of the respective relevant circuits. Further, in this 
case, the amplitude 2 x k x V 10 (the Peak-to-Peak value) 
of the alternating current component (data component) 
of the post-rectification voltage V1 becomes 0. 3 (= 2 x 
0. 05 x 3) volt or more. Therefore, the ASK demodulation 
part 81 can perform demodulation of the data at a suf- 
ficiently high S/N ratio. 

[0067] In this way, by utilizing the ASK modulated 
wave the degree of modulation k of that is less than 1 , 
the communication in a state where the error rate is low 
(i.e. the S/N ratio is high) becomes possible. Simultane- 
ously, the direct current voltage that is sufficient as the 
power source is supplied to the IC card 2. 
[0068] When receiving the data (BPSK modulated 
signal) from the ASK demodulation part 81, the BPSK 



demodulation part 62 demodulates that data according 
to the clock signal supplied from the PLL part 63, and 
outputs the demodulated data to the calculation part 64. 
[0069] In case the data that has been supplied by the 
BPSK demodulation part 62 is the encoded data, the 
calculation part 64 decodes the encoded data through 
the operation of the encoding/ decoding part 92. This 
data is supplied to the sequencer 91 and is processed. 
It is to be noted that the reader/writer 1 is kept on stand- 
by in the state of going on to transmit data the value of 
that is 1 during that time period, i.e. a time period that 
lasts from the time when the reader/writer 1 has trans- 
mitted data to the IC card 2 to the time when the reader/ 
writer 1 receives a response to that data. Accordingly, 
in that time period, the IC card 2 is receiving the modu- 
lated wave the maximum amplitude of that is fixed. 
[0070] Upon completion of its processing, the se- 
quencer 91 outputs to the BPSK modulation part 68 the 
response data (the data that it is to transmit to the read- 
er/writer 1 ) that concerns the processed result, etc. The 
BPSK modulation part 68 performs BPSK modulation 
(encoding of the one Chester code) of the data that has 
been input thereto. It thereafter outputs the resulting sig- 
nal to the ASK modulation part 84 of the interface part 
61. 

[0071] And, the ASK modulation part 84 causes the 
load connected to each end of the antenna 53 to fluctu- 
ate, utilizing the switching element or the like, in corre- 
spondence with the data from the BPSK modulation part 
68. It thereby performs ASK modulation of the modulat- 
ed wave it is receiving correspondingly to the data it 
transmits (at the time of transmitting data from the IC 
card 2, as stated above, the maximum amplitude of the 
modulated wave the reader/writer 1 outputs is made 
fixed). By that ASK modulation, the ASK modulation part 
84 causes the fluctuation of the terminal voltage of the 
antenna 27 of the reader/writer 1 , thereby transmitting 
the resulting data to the reader/writer 1 . 
[0072] On the other hand, at the time of receiving the 
data from the IC card 2, the modulator circuit 23 of the 
reader/writer 1 keeps transmitting the data the value of 
that is 1 (the high level). And, in the demodulation circuit 
25, the data that has been transmitted on from the IC 
card 2 is detected from a minute level of fluctuation (e. 
g. several tens of micro-bolts) in the terminal voltage of 
the antenna 27 electro-magnetically coupled to the an- 
tenna 53 of the IC card 2. 

[0073] Further, in the demodulator circuit 25, the sig- 
nal it has detected (the ASK modulated wave) is demod- 
ulated by being amplified with a high-gain amplifier (not 
illustrated). And the digital data that is resultantly ob- 
tained is output to the SPU 32. The SPU 32 demodu- 
lates the data having been input thereto (the BPSK mod- 
ulated signal) and outputs the resulting data to the DPU 
31 via the bus 35. The DPU 31 processes the data that 
has been input from the SPU 32. It according to the proc- 
essed result determines whether it terminates its com- 
munication. And, when it has been determined that it 
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performs the communication again, the DPU 31 per- 
forms the communication between the reader/writer 1 
and the IC card 2 in the same way as in the above-de- 
scribed case. On the other hand, when it has been de- 
termined that the DPU 31 terminates the communica- 
tion, the communication processing between the read- 
er/writer 1 and the IC card 2 is terminated. 
[0074] As described above, the reader/writer 1 trans- 
mits data to the IC card 2 by utilizing the ASK modulation 
whose degree of modulation k is less than 1 , while the 
IC card 2 receives that data and performs processing 
corresponding to it. The IC card 2 return-transmits the 
data corresponding to this processed result to the read- 
er/writer 1 . 

[0075] Next, FIG. 4 is a block diagram illustrating the 
construction of the controller 3 illustrated in FIG. 1 . 
[0076] A control part 101 has input thereto via an in- 
ternal bus 1 02 a signal corresponding to each of various 
kinds of instructions the user has input using an input 
part 1 03, and executes various steps of processing that 
are based on the instructions that have been input there- 
to. A memory 104 stores therein a program the control 
part 101 uses, parameters for being used for calculation, 
parameters that suitably vary during the execution of the 
program, etc. The control part 1 01 and the memory 1 04 
are connected to each other by the internal bus 1 02. 
[0077] The internal bus 1 02 is also connected to the 
input part 103, a display part 105, a drive 106, and a 
network interface 107. The input part 103 consists of, 
for example, a keyboard, a mouse, or a bar-code reader 
and, when inputting various kinds of instructions or data 
to the control part 1 01 , is operated by the user. The dis- 
play part 105 consists of, for example, a CRT (Cathode 
Ray Tube) or the like, and displays various kinds of items 
of information by means of a text or a picture image. To 
the drive 1 06, according to the necessity, there is mount- 
ed a magnetic disk 1 1 1 , an optical disk 1 1 2, a magneto- 
optical disk 113, or a semiconductor memory 114. 
Each of these elements performs data transmission and 
reception between itself and the drive. 
[0078] The network interface 1 07 is connected to the 
reader/writer 1 via an RS-485A for example. Or it is con- 
nected to a LAN (Local Area Network) by the use of a 
prescribed interface cable or the like. Or it is connected 
to a wide-band network such as, for example, an Inter- 
net communication network, via the telephone lines not 
illustrated. 

[0079] Next, using FIG. 5, an explanation will be given 
of the logical format of the EEPROM 66 illustrated in 
FIG. 3. 

[0080] The EEPROM 66 is constructed in units of a 
block. For example, in FIG. 5, one block is constructed 
of 1 6 bytes. 

[0081] Further, in FIG. 5, by settingthe logical address 
in the uppermost block to be #0000h (the h represents 
a hexadecimal-number), the logical addresses are allo- 
cated on the ascending order. It is to be noted that, in 
FIG. 5, the addresses from #0000h to #FFFFh are allo- 



cated as the logical addresses. Accordingly, 65536 
(=2 16 ) pieces of blocks are constructed. 
[0082] It is arranged that the respective blocks be 
used as user blocks or system blocks. In the respective 

5 blocks of the EEPROM 66, they are allocated as the us- 
er blocks on the ascending order of the logical address- 
es. Also, on the descending order thereof, they are al- 
located as the system blocks. Namely, in FIG. 5, the log- 
ical addresses for the user blocks increase in the down- 

10 ward direction, while those for the system blocks in- 
crease in the upward direction. And, when the empty 
blocks have become none, it becomes possible to form 
neither the user blocks nor the system blocks. Accord- 
ingly, the border between the user blocks and the sys- 

15 tern blocks is not made fixed. Also, the number of the 
user blocks or the number of the system blocks is not 
particularly limited (however, in the case of FIG. 5, the 
sum total of the user blocks and system blocks is limited 
to a value that is 65536 pieces or less). 

20 [0083] As the system blocks there are five kinds of 
blocks that include a manufacture ID (Identification) 
block, issuance ID block, system-definition block, area- 
definition blocks, and service-definition blocks. Inciden- 
tally, in the case of FIG. 5, the blocks that are set to be 

25 area-definition blocks or service-definition blocks are il- 
lustrated as area/service-definition blocks. 
[0084] Among the system blocks, three thereof that 
are the manufacture ID block, issuance ID block, and 
system-definition block are fundamentally the ones al- 
so ready disposed at the time of the-issuance of the IC card 
2. Those three system blocks are disposed respectively 
in the logical address #FFFFh, #FFFEh, and #FFFDh. 
And : the area/service-definition blocks are disposed re- 
spectively at the positions on and upper than the logical 

35 address #FFFCh on the order wherein they are pro- 
duced. 

[0085] In the manufacture ID block, there is disposed 
information regarding the manufacture of the IC card 2. 
Namely, in the manufacture ID block, for example, a 
40 unique manufacture ID, manufacture date, or manufac- 
turer code is disposed. 

[0086] In the issuance ID block, there is disposed in- 
formation regarding the issuance of the IC card 2. 
Namely, in the issuance ID block, for example, there is 
disposed the date on which the IC card 2 is issued, the 
code that represents the order on which the IC card has 
been issued, or the card ID. 

[0087] In the system-definition block, there is dis- 
posed, for example, the number of system blocks or us- 
50 er blocks that the EEPROM 66 possesses, or the sys- 
tem keys. It is to be noted that the system key is used 
when mutual authentication is performed between the 
IC card 2 and each of the reader/writer 1 and controller 
3. 

55 [0088] The area-definition block is produced, for ex- 
ample, by the memory areas of the EEPROM 66 being 
allocated to specific-use-operation areas and joint-use- 
operation areas as later described, etc. And, in that ar- 
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ea-definition block, there is disposed information for 
managing the memory areas having had those use-op- 
eration areas disposed therein, etc. Namely, in the area- 
definition block, there are disposed, for example, the 
range of code that corresponds to the specific-opera- 
tion-use area and joint-use-operation area, the empty 
capacity of each relevant memory area, the area key, 
etc. 

[0089] In the service-definition block, there are dis- 
posed items of information (the capacities of the service 
areas, the service keys, etc.) for managing the service 
areas having disposed therein applications, as later de- 
scribed, that are used for providing various kinds of serv- 
ices. 

[0090] Next, an example of the data structure of data 
stored in the EEPROM 66 of the IC card 2 to which the 
present invention has been applied will be explained 
with reference to FIG. 6. 

[0091] The data stored in the EEPROM 66 includes 
an OS (Operation System), a common atea including 
an electronic money area and a joint-use-operation, or 
commonly accessible, area, a specific area, and a card 
format- definition block that corresponds to the system 
block explained using FIG. 5. 

[0092] The OS is a fundamental program for manag- 
ing an API ( Application Program Interface) for having 
access to each of the applications that are used for pro- 
viding various kinds of services disposed in the common 
area and specific area. In the electronic money area 
there is disposed an application for providing an elec- 
tronic money that can be used by the terminal apparatus 
that all enterprises, co-operating with one another, and 
the like are managing. Here, the "terminal apparatus" is 
constructed of, for example, the reader/writer 1 and the 
controller 3, illustrated in FIG. 1 . Of the data stored in 
the EEPROM 66 of the IC card 2 that has been mounted 
thereinto, with respect to a prescribed service area 
thereof, the terminal apparatus performs read and write 
of-data. The terminal apparatus thereby provides a pre- 
scribed kind of service. 

[0093] With respect to the applications that are dis- 
posed in the electronic money area and joint-use-oper- 
ation, or commonly accessible, area, a right to access 
is authenticated by a common key K, F that will later be 
described using FIG. 9. Namely, in each of those areas 
there is disposed an application that the co-operating 
enterprises, etc., other than an issuer (here referred to 
as "an issuer A") that has issued the IC card can utilize. 
The applications disposed in the joint-use-operation ar- 
ea are not utilizable by all the terminal apparatus of the 
co-operating enterprises. Namely, according to the con- 
tents of the co-operations between the issuer A and the 
co-operating enterprises that manage the terminal ap- 
paratus, the applications that are utilizable are limited 
(the method for limitation will later be described). 
[0094] With respect to the applications that are dis- 
posed in the specific area, a right to access is authenti- 
cated by a specific key A that is owned by the issuer A. 



In that area, there are disposed the applications the is- 
suer A utilizes. 

[0095] By the way, there can be considered to exist a 
case where, under the assumption that the issuer A of 

5 the IC card 2 be a company A, the user purchases an 
item of goods from a company B that is co-operating 
with the company A. And in this case the user settles 
the price of that item of goods, by the use of the IC card 
2, by utilizing the electronic money service the company 

10 A manages. In other words, the company B's managed 
terminal apparatus has permitted with respect thereto 
an access to the application for providing an electronic 
money service that is disposed in a "sum of money area" 
of the joint-use-operation area of the company A's is- 

15 sued IC card 2. 

[0096] In this case, the following two steps of process- 
ing are originally the same. One is the step of processing 
in which to utilize the electronic money through the use 
of the company A's managed terminal apparatus with 

20 use of the company A's issued IC card 2 (the process 
that utilizes the application disposed in a "cashless" in 
the specific area). The other is the step of processing in 
which to utilize the electronic money through the use of 
the company B's managed terminal apparatus with use 

25 of the company A's issued IC card 2. In this case, when 
the service blocks for providing the same kind of service 
exist in the specific area and in the joint-use-operation 
area, a real block for this application is disposed in the 
joint-use-operation area. And, in the relevant block in 

30 the specific area, a link with the real block is made. 
Thereby, each of the corresponding applications be- 
comes able to be executed. 

[0097] Namely, with respect to the common applica- 
tions, the same application is not prepared doubly with 

35 respect to the specific area and the joint-use-operation 
area, but actually the application is disposed with re- 
spect to either one of them (in this case, the joint-use- 
operation area). When an access to the relevant appli- 
cation has occurred from the specific area, there is used 

40 the link with the corresponding application in the joint- 
use-operation area. It is thereby arranged to prevent the 
waste of the memory capacities in the EEPROM 66 of 
the IC card 2. In addition, by-adopting this linked struc- 
ture of the data, in case there are common data to both 

45 of the specific area and the common area and data has 
been changed in one of the areas, it becomes unnec- 
essary to execute the processing for changing data in 
the other thereof by making this processing synchro- 
nous to the former change. 

so [0098] Next, an explanation will be given of the case 
where with respect to the issuer A of the IC card 2 other 
enterpriser or the like makes a request to have its co- 
operation with the issuer A, with reference to FIG. 7. 
[0099] The issuer A issues the IC card 2 according to, 

55 for example, a user's request. In the EEPROM 66 of the 
IC card 2, as explained using FIG. 6, there are recorded 
the following data. They include the OS, the electronic 
money area, the joint-use-operation, commonly acces- 
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sibte, area in which there is disposed the application ac- 
cessible from the co-operating enterprises' managed 
terminal apparatus, the specific area in which there is 
disposed the application accessible from the issuer A's 
managed terminal apparatus, and data disposed in the 
card format-definition block. 

[0100] A data-issuing machine 121 is constructed of, 
for example, the reader/writer 1 and the controller 3 il- 
lustrated in FIG. 1. Also, the data-issuing machine 121 
can be installed, for example, in a railway station, a re- 
tailing store, or other facilities. 

[01 01 ] When wanting to change or renew data stored 
in the EEPROM 66 of the IC card 2, the issuer A regis- 
ters into the data-issuing machine 121 the contents it 
wants to change or update. When thereafter the user 
mounts his IC card 2 into the data-issuing machine 121 
(the user brings the IC card 2 into a state where the IC 
card 2 can make communication with the reader/writer 
1 the data-issuing machine 121 contains therein), the 
data-issuing machine 121 operates as follows. Namely, 
the data-issuing machine 121 transmits commands and 
necessary data to the IC card 2 according to the infor- 
mation registered therein to thereby reload or update the 
contents of the data recorded in the EEPROM 66 of the 
IC card 2. 

[0102] On the other hand, assume that a manager B 
and a manager C each want to provide the service 
based on the use of the IC card 2 the issuer A has is- 
sued. In this case, those managers each conclude a 
contract with the issuer A, and they have supplied from 
the issuer A to them necessary data for execution of the 
authentication processing for authenticating the IC card 
2. Those necessary data include a service code corre- 
sponding to accessible applications that are accessible 
according to the contents of the contract, and a neces- 
sary common key K, F that is necessary for accessing 
the applications disposed in the joint-use-operation area 
explained in connection with FIG. 6. It may be arranged 
that those necessary data be supplied, for example, 
from the issuer As managed terminal apparatus to the 
manager Bs or C's managed terminal apparatus via a 
network such as the Internet lines, etc. Or it may be ar- 
ranged that those necessary data be recorded in, for ex- 
ample, a removable disk and that this removable disk 
be supplied from the issuer A to the manager B or C. 
[0103] Also, assume that a manager D, underthecon- 
trol of the manager B, wants to provide the service 
based on the use of the IC card 2. In this case, the man- 
ager D concludes a contract with the manager B, and 
they have supplied from the manager B to it necessary 
data for execution of the authentication processing for 
authenticating the IC card 2. Those necessary data in- 
clude a service code, and a necessary common key K, F , 
corresponding to accessible applications that are ac- 
cessible according to the contents of the contract. 
[0104] In FIG. 7, an explanation has been given of the 
case where the manager B and manager C co-operating 
with the issuer A and the manager D co-operating with 



the manager B enables the applications of the common 
areas of the issuer A's issued IC card 2 to be utilized 
with respect to the issuer A's issued IC card 2 through 
the use of their own companies' terminal apparatus. 
s However, it may be arranged that each of the managers 
B, C 5 and D issues the IC card 2 in which there are dis- 
posed in its specific area the applications for providing 
its own services. 

[0105] Namely, assume that the issuer A's issued IC 
10 card be an IC card 2-1 . Then, the manager B can issue 
an IC card 2-2 the specific area of that is of a type where- 
in a right to access is controlled by its own specific key 
B and has the applications recorded therein, and the 
common area of that is of a type wherein a right to ac- 
*5 cess is controlled by a common key K, F and has the ap- 
plications recorded therein. Similarly, the manager C 
can issue an IC card 2-3 the specific area of that is of a 
type wherein a right to access is controlled by its own 
specific key C and has the applications recorded there- 
to in, and the common area of that is of a type wherein a 
right to access is controlled by a common key K !F and 
has the applications recorded therein. Further, the man- 
ager D can issue an IC card 2-4 the specific area of that 
is of a type wherein a right to access is controlled by its 
25 own specific key D and has the applications recorded 
therein, and the common area of that is of a type wherein 
a right to access is controlled by a common key K, F and 
has the applications recorded therein. 
[01 06] An enterpriser that wants to make utilizable by 
30 its own company's terminal apparatus the applications 
in the common area of each of the other companies' is- 
sued IC card 2-1 to 2-4 can request co-operating with 
the issuer of the corresponding IC card. And that enter- 
priser has supplied thereto an area code corresponding 
35 to the utilizable application and has only to register that 
area code in its company's managed terminal appara- 
tus. 

[0107] In case, in this way, a plurality of enterprises 
each issue the iC card 2 by that it can provide its specific 

40 service, it may be arranged that enterprises other than 
the managers that manage the terminal apparatus (e.g. 
every manager from the issuer A to manager D of FIG. 
7) have, for example, an IC card center installed for them 
and thereby have the applications in the common area 

45 of their IC card 2 unification-managed. In this case, en- 
terprises that want to participate in the IC card system 
and thereby to provide the service based on the use of 
the IC card 2 having a common format can register itself 
in the IC card center and, for example, can pay a regis- 

50 tration fee. By doing so, each of those enterprises, when 
it itself wants to issue the IC card 2, can have a peculiar 
specific key supplied thereto and issue the IC card 2 for 
providing its own company's specific service to the user. 
In addition, that enterpriser can have supplied thereto 

55 the common key K, F for accessing the common area of 
the IC card 2 other enterpriser issues, by using its own 
company's terminal apparatus. 

[0108] The IC cards 2-1 to 2-4 can take various kinds 
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of forms correspondingly to the services their respective 
IC card 2 issuers provide to the user. With reference to 
FIG. 8, examples of the forms of the services that are 
provided by the IC cards 2 will hereafter be explained. 
[0109] The IC card 2-1 is the one that has been pro- 
duced, for example, by the function as a prepaid card 
(that is utilizable from the company A's managed vend- 
ing machines, gullets, stands, etc.) being added to the 
function of the IC card (a student identification card, a 
company's staff identification card, etc.). The IC card 2-1 
is utilized, for example, in a school, an office, etc. Also, 
in case the application regarding a common electronic 
money disposed in the company A's specific area is the 
same application as the one corresponding to, for ex- 
ample, the electronic money provided to the IC card sys- 
tem and utilizable in other enterpriser or store (e.g. the 
application disposed in the electronic money area, ex- 
plained using FIG. 6), a link is made between the com- 
mon electronic money in the specific area and the cor- 
responding application in the common area (hereinafter, 
the same applies to the cards 2-2 to 2-4 as well). 
[01 1 0] The IC card 2-2 is the one that is produced, for 
example, by the function of a prepaid card being added 
to the cash card of the bank. In this IC card 2-2, in case 
imparting an addition with respect to the value deposited 
in the toward-bank electronic money area of it, that ad- 
dition may be performed as follows. Namely, the user 
may directly deposit his cash each time the necessity 
arises, or may transfer money from his account to a pre- 
scribed money receipt account. Or the user may pro- 
duce another account in the same branch office he uses 
his account in, and thereby may transfer a prescribed 
amount of money into it as the money that is utilizable 
by the IC card 2, beforehand, thereby the management 
thereof may be performed. 

[01 1 1 ) The IC card 2-3 is the one that for example has 
the function of a prepaid card for settlement of the Inter- 
net transactions. And, the IC card 2-4 has, excepting 
that it is prepared forthe utilization of the common area, 
an area whose format is for specifically disposing the 
applications for providing of their services by various 
kinds of enterprises or organizations. 
[01 12] Next, an example of a method of supplying au- 
thentication information such as the common key K| F - in 
that the issuer A of FIG. 7 supplies that information with 
respect to the managers B, C, and D will now be ex- 
plained with reference to FIG. 9. That common key K tF 
is the one that is intended to permit to each of those 
managers a right to access the applications disposed in 
the common area. 

[0113] The issuer A of the IC card 2 determines the 
system key that as explained using FIG. 5 is stored in 
the system-definition block of the EEPROM 66 and the 
specific key A that as similarly explained serves as the 
area key in the area-definition area (e.g. #0000h) cor- 
responding to the specific area. The issuer A thereby 
causes the system key and the specific key A to be 
stored, respectively, in the system-definition block of the 



EEPROM 66 of the IC card 2 it issues and in the area- 
definition area #0000h thereof, beforehand. Hereinafter, 
regarding the area key in the area-definition area 
#xxxxh ; it is described as the area key #xxxxh as the 
5 necessity-arises . 

[0114] The control part 101 of the controller 3 of the 
issuer A's managed terminal apparatus encodes the 
system key with use of the specific key A to thereby pro- 
duce an area intermediate key K A beforehand. Inciden- 
ts tally, as the method of encoding : it is possible to adopt, 
for example, a DES (Data Encryption Standard) or an 
FEAL (Fast Data Encipherment Algorithm). 
[0115] And, when giving the manager B the right to 
access the common area, the issuer A supplies to the 
is manager B the following. It includes the common key 
K, F that serves as the area key of the area-definition ar- 
ea (e.g. #0100h) corresponding to the common area, 
the area intermediate key K A , the service code and serv- 
ice key corresponding to the application the issuer A 
20 permits access to, and the area code #0000h. Namely, 
the control part 101 of the controller 3 of the issuer A's 
managed terminal apparatus has supplied thereto from 
the input part 103 the common key K )F that serves as 
the area key of the area-definition area (e.g. #0100h) 
25 corresponding to the common area, the area intermedi- 
ate key K A , the service code and service key corre- 
sponding to the application the issuer A permits access 
to, and the area code #0000h. It transmits these data 
items to the controller 3 of the manager B by way of the 
30 internal bus 102, network interface 107, and wide-band 
network such as the Internet communication network 
not illustrated. 

[0116] Accordingly, although the manager B's termi- 
nal apparatus can recognize the area intermediate key 

35 K A and common key K, P , it cannot recognize the system 
key and the specific key A of the issuer A that is, so to 
speak, the parent. However, since the common key K, F 
of the manager B is the one that has been given to the 
terminal apparatus of the manager B that is, so to speak, 

40 the child, by the terminal of the issuer A that is the par- 
ent, the issuer A that is the parent has a recognition of 
the common key K )F of the manager B that is the child. 
[0117] The control part 101 of the controller 3 of the 
manager B's managed terminal apparatus codes the ar- 

45 ea intermediate key K A that has been gotten from the 
issuer A, by the use of the common key K, F that has 
been gotten from the issuer A. It thereby produces the 
area intermediate key K B . It thereby supplies it to the 
reader/ writer 1 , together with the common key K jF and 

50 the service code and service key, corresponding to the 
application the access to that has been permitted to it, 
via the following. Namely, via the internal bus 102, net- 
work interface 107, and the network cable such as the 
RS-485A. It thereby causes these data to be kept stored 

55 in the flash memory 22 of the reader/writer 1 . 

[0118] In case imparting the right to access the com- 
mon area to the manager C, also similarly, the control 
part 101 of the controller 3 of the issuer A's managed 
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terminal apparatus supplies to the manager C's control- 
ler 3 the common key K, F , area intermediate key K A , 
service code and service key corresponding to the ap- 
plication the access to that is permitted to it r and area 
code #0000h. 

[0119] Accordingly, although the manager C's termi- 
nal apparatus can recognize the area intermediate key 
K A and the common key K JF , it cannot recognize the sys- 
tem key and the specific key A of the issuer A that is the 
parent. 

[0120] The control part 101 of the controller 3 of the 
manager-C's managed terminal apparatus codes the ar- 
ea intermediate key K A that has been gotten from the 
issuer A that is the parent, by the use of the common 
key K, F that has been gotten similarly from the issuer A. 
It thereby produces an area intermediate key K c . It 
thereby supplies it to the reader/writer 1 together with 
the common key K IF and the service code and service 
key corresponding to the application the access lo lhal 
is permitted to it, via the internal bus 1 02. network inter- 
face 107, and network cable such as the RS-485A. It 
thereby causes these data to be kept stored in the flash 
memory 22 of the reader/writer 1 . 
[0121] On the other hand, in case imparting to the 
manager D a part of the right to access the application 
the access to that is permitted to itself, also similarly, the 
control part 101 of the controller 3 of the manager B's 
managed terminal apparatus supplies to the controller 
3 of the manager D's managed terminal apparatus the 
area intermediate key K B , service code and service key 
corresponding to the application the access to that is 
permitted to it, common key K (F , area code #01 OOh, and 
area code #0000h of the issuer A that is the parent. 
[0122] Accordingly, although the manager D's termi- 
nal apparatus can recognize the area intermediate key 
K B and the common key K, F , it cannot recognize the sys- 
tem key and the specific key A of the issuer A. 
[0123] The control part 101 of the controller 3 of the 
manager D's managed terminal apparatus codes the ar- 
ea intermediate key K B that has been gotten from the 
manager A that is the parent, by the use of the common 
key K, F that has been gotten similarly from the manager 
B. It thereby produces an area intermediate key K D . It 
thereby supplies it to the reader/writer 1 together with 
the common key K (F and the service code and service 
key corresponding to the application the access to that 
is permitted to it, via the internal bus 1 02, network inter- 
face 1 07, and network cable such as the RS-485A. It 
thereby causes these data to be kept stored in the flash 
memory 22 of the reader/writer 1 . 
[0124] It is to be noted that the common key K )F that 
the issuer A has imparted to each of the managers B 
and C and that the manager B has imparted to the man- 
ager D is written beforehand into the area-definition area 
#01 OOh of the EEPROM 66 of the IC card 2, which de- 
fines the common area. 

[0125] Here : an explanation has been given of the 
case where the issuer A of the IC card 2 supplies au- 



thentication information such as the common key K (F to 
the manager B and to the manager D. 
However, the same processing is executed also when 
the above-described IC card center supplies the authen- 

5 tication information such as the common key K, F to each 
of the manager B and the manager D. 
[0126] Next, in case, under the assumption that the 
supply of the right to access such as that explained in 
connection with FIG. 9 has been performed, the IC card 

10 2 has been mounted to the issuer A's terminal appara- 
tus, the mutual authentication between the issuer A's 
terminal apparatus and the IC card 2 in that case will be 
explained with reference to FIG. 10. 
[0127] Assume a case where the application stored 

15 in the specific area of the EEPROM 6 of the IC card 2 
is executed using the issuer A's managed terminal ap- 
paratus and a prescribed kind of service be provided to 
the user. In this case, as illustrated in FIG. 10, the con- 
troller 3 of the issuer A's terminal apparatus encodes 

20 the following service key by the use of the area interme- 
diate key K A . That is, the service key (the service key 
stored in the service-definition area #xxxxh is hereinaf- 
ter described as the necessity arises as the service key 
#xxxxh) stored in the service-definition area (e.g. the 

25 service-definition area #0008h) corresponding to the 
application disposed in the specific area. The controller 
3 thereby produces a service intermediate key K #0O08h . 
And : it thereby registers this key into the flash memory 
22 of the reader/writer 1 together with the area interme- 

30 diate key K A . In addition, the issuer A's controller 3 reg- 
isters the following codes into the flash memory 22 of 
the reader/writer 1 . That is, the area code #0000h in the 
area-definition area #0000h corresponding to the spe- 
cific area and the service code in the service-definition 

35 area corresponding to the application, in the specific ar- 
ea, produced in the hierarchy of that area-definition area 
#0000h. 

[0128] Namely, assume a case where the IC card 2 is 
mounted into the issuer A's managed terminal appara- 

40 tus and the user has instructed the utilization of its de- 
sired service. In this case, the DPU 31 of the reader/ 
writer 1 of the issuer A's managed terminal apparatus 
reads in from the flash memory 22 the area code #0000h 
registered therein and the service code (e.g. the service 

45 code #0008h) corresponding to the service the user has 
wanted to utilize, similarly registered therein. The DPU 
31 transmits these data to the IC card 2 mounted, via 
the bus 35, SPU 32, modulator circuit 27, and antenna 
27. The sequencer 91 of the IC card 2 has input thereto 

so the area code #0000h and service code #000Bh from 
the issuer A's terminal apparatus via the antenna 53, 
interface part 61 , and BPSK demodulation part 62. 
[0129] And, in the IC card 2, the system key stored in 
the system-definition block (FIG. 5) is read out from the 

55 data stored in the EEPROM 66. Simultaneously, the 
specific key A is read out from the area-definition area 
having the area code #0000h received from the issuer 
A's terminal apparatus. Further, the system key is en- 
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coded using the specific key A. Resultantly, there is pro- 
duced the same key as the area intermediate key K A 
registered in the issuer A's terminal apparatus. This 
same key as the area intermediate key K A is used as a 
first access key (authentication key) K bc that is used for 
authentication of the right to access the specific key. 
[0130] Also, in the IC card 2, the service key #0008h 
is read out from the service-definition area having the 
service code #0008h received from the issuer A's termi- 
nal apparatus. And, the area intermediate key K A is en- 
coded using the service key #0008h. Resultantly, there 
is produced the same key as the area intermediate key 
K #0008h registered in the issuer A's terminal apparatus 
of FIG. 10. This same key as the area intermediate key 
K #00 o8h is used as a second access key (authentication 
key) K ac that is used for authentication of the right to 
access the corresponding application. 
[0131] Accordingly, in the issuer A's terminal appara- 
tus, Ihere are registered the area intermediate key K A 
that is the first access key K bc and the service interme- 
diate key K #0008h that is the second access key K ac . On 
the other hand, in the IC card 2, the area intermediate 
key K A that is the first access key and the service 
intermediate key K^q^ that is the second access key 
K ac are produced. Thereby, the utilization of the appli- 
cation in the specific area corresponding to the service 
key K #0008h is authenticated. 

[0132] Next, in case, under the assumption that the 
supply of the right to access such as that explained in 
connection with FIG. 9 has been performed, the IC card 
2 has been mounted to the issuer C's terminal appara- 
tus, the mutual authentication between the issuer C's 
terminal apparatus and the IC card 2 in that case will be 
explained with reference to FIG. 11 . 
[0133] Assume a case where the application stored 
in the common area of the EEPROM 66 of the IC card 
2 is executed using the issuer C's managed terminal ap- 
paratus and a prescribed kind of service be provided to 
the user. In this case, the controller 3 of the issuer C's 
managed terminal apparatus encodes by the use of the 
area intermediate key K c the following service key dis- 
posed in the common area. That is, the service key (e. 
g. the service key #1022h) corresponding to the appli- 
cation the access to that is permitted to the manager C. 
The controller 3 thereby produces a service intermedi- 
ate key K #1022h . And, it thereby registers this key into 
the flash memory 22 of the reader/writer 1 together with 
the area intermediate key K c . And, the controllers of the 
manager C's managed terminal apparatus registers into 
the flash memory 22 of the reader/writer 1 of the man- 
ager C's managed terminal apparatus the following 
codes. That is, the area code #0000h of the issuer A, 
the area code #0100h corresponding to the common ar- 
ea, and the service code in the service-definition area 
(e.g. the service-definition area #1022h) corresponding 
to the application the utilization of that has been permit- 
ted to it under a relevant contract. 
[01 34] Namely, assume a case where the IC card 2 is 



mounted into the issuer C's managed terminal appara- 
tus and the terminal apparatus has been operated by 
the user so as for him to instruct the utilization of a de- 
sired service. In this case, the DPU 31 of the reader/ 

s writer 1 of the terminal apparatus reads in from the flash 
memory 22 the area codes #0000h and #0100h regis- 
tered therein and the service code (e.g. the service code 
#1 022h) corresponding to the service the user has want- 
ed to utilize, similarly registered therein. The DPU 31 

10 transmits these code data to the IC card 2 mounted, via 
the bus 35, SPU 32 : modulation circuit 23, and antenna 
27. The sequencer 91 of the IC card 2 has input thereto 
the area codes #0000h and #0100h and service code 
#1 022h from the managerC's terminal apparatus via the 

15 antenna 53 , interface part 61 , and BPSK demodulation 
part 62. 

[0135] And, in the IC card 2, the system key stored in 
the system-definition block explained using FIG. 5 is 
read out from the data stored in the EEPROM 66. Si- 

20 multaneously : the specific key A or common key K )F is 
read out from the area-definition area having the area 
code #0000h or #01 OOh received from the manager C's 
terminal apparatus. Further, the system key is encoded 
using the specific key A. Resultantly, there is produced 

25 the same key as the area intermediate key K A . And the 
same key as that area intermediate key K A is encoded 
using the common key K, F . Resultantly, there is pro- 
duced the same key as the area intermediate key 
registered in a service provider apparatus 111 of FIG. 

30 14. This same key as the area intermediate key K c is 
used as a first access key that is used for authenti- 
cation of the right to access the common area. 
[0136] Also, in the IC card 2, from the data stored in 
the EEPROM 66, the service key #1022h is read out 

35 from the service-definition area having the service code 
#1022h received from the issuer C's managed terminal 
apparatus. And, the same key as the area intermediate 
key K c is encoded using the service key #1022h. Re- 
sultantly, there is produced the same key as the area 

40 intermediate key K #1022h registered in the issuer C's 
managed terminal apparatus. This same key as the area 
intermediate key K #1022 h is used as a second access 
key K ac that is used for authentication of the right to ac- 
cess the corresponding application. 

45 [0137] Accordingly, in the manager C's managed ter- 
minal apparatus, there are registered the area interme- 
diate key K c that is the first access key and the serv- 
ice intermediate key K #102 2h tnat ' s tne second access 
key K ac . On the other hand, in the IC card 2, the area 

so intermediate key K^. that is the first access key and 
the service intermediate key K #1022 h tnat is tne second 
access key K ac are produced. 

[0138] And, assume a case where, as a result of the 
mutual authentication, both the data of the IC card 2 and 
55 the data of the manager C's managed terminal appara- 
tus have been the ones each of that is proper with re- 
spect to the other. In this case, the IC card 2 permits 
with respect to the manager C's managed terminal ap- 
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paratus the access to the service area that is managed 
by the service-definition area having the service code 
that has been transmitted on from the manager C's man- 
aged terminal apparatus. Therefore, in-the case that 
has been explained using FIG. 11, the manager C's 5 
managed terminal apparatus becomes able to access 
the application of the service area that is managed by 
the service-definition area #1022h of the IC card 2. 
[0139] That is to say, in the manager C's terminal ap- 
paratus in that the area intermediate key K C! area code 
#0000h,#0100h, service key #1022h, and service code 
#1022h are each registered, access can be had to the 
service area that is under the control of the service-def- 
inition area #1022h. But, the manager C's terminal ap- 
paratus has not had registered therein other service 
codes the utilization of that is not permitted under a rel- 
evant contract. Therefore, the manager C's terminal ap- 
paratus cannot access, until it has issued with respect 
to it a relevant service code by the issuer A under a new 
relevant contract, the application in the service area 
managed in the corresponding relevant service- defini- 
tion area. 

[0140] As described above, the terminal apparatus 
managed respectively by the manager B that has co- 
operated with the issuer A issuing the IC card 2, man- 
ager C that has similarly co-operated with it, and man- 
ager D that has co-operated with the manager B can 
each utilize, according to the contents of the corre- 
sponding co-operation, the application stored in the 
EEPROM 66 of the IC card 2. (Namely, each of them 
can access the application corresponding to the service 
code that has been supplied from the issuer A). 
[01 41 ] Next, the processing of the terminal apparatus 
to that the present invention has applied will be ex- 
plained with reference to the flow chart of FIG. 12. Here, 
an explanation will be given of the processing executed 
using the terminal apparatus that has the specific key A 
and common key K !F and that is managed by the issuer 
A. 

[0142] The reader/writer 1 of the terminal apparatus, 
in step S1 , detects the mounting of the IC card with re- 
spect to it, for example, by monitoring the state of load 
of the antenna 2. In step S2, the reader/writer 1 has input 
thereto from the controller 3 a signal indicating an ob- 
ject-to-be-opened file, which signal among the applica- 
tions stored in the EEPROM 66 indicates which one of 
the files should be opened. (Namely, that signal is the 
one indicating a utilization application with respect to 
that the user has input with use of the input part 1 03 of 
the controller 3 and that has been designated based on 
the user's operation indicating the utilization of, deposit 
into, etc. the electronic money). The signal indicating the 
object-to-be-opened is input to the DPU 31 via the SCC 
33 and the bus 35. 

[0143] In step S3, the reader/writer 1 of the terminal 
apparatus performs authentication by the use of the 
specific key Ath rough the execution of the processing 
explained using FIG. 10. Namely, the DPU 31 of the 



reader/writer 1 reads in via the bus 35 the authentication 
information based on the use of the specific key A stored 
in the flash memory 22. 7':s DPU 31 then transmits that 
information to the IC card 2 via the bus 35, S PU 32, mod- 
ulator circuit 23, and antenna 27. The SPU 32 receives 
the response signal from the IC card 2 via the antenna 
27 and the modulator circuit 25. It then inputs this re- 
sponse result to the DPU 31 via the bus 35. 
[0144] In step S4, the DPU 31 of the reader/writer 1 
determines whether the reader/writer 1 and the IC card 
2 have been correctly authenticated each other, by the 
specific key A and according to the response signal in- 
put in step S3 from the IC card 2. In case in step S4 it 
has been determined that correct authentication has not 
been performed, the-processing proceeds to step S11 . 
[0145] In case it has been determined in step S4 that 
correct authentication has been performed (namely, In 
case the IC card 2 mounted has been the one issued by 
the issuer A), the DPU 31 of the reader/writer 1 in step 
S5 acts or operates on the signal indicating the object- 
to-be-opened file input in step S2. The DPU 32 accord- 
ing to that signal produces a control signal (including the 
service code corresponding to the object-to-be-opened 
file) for gaining the right to access the object-to-be- 
opened file disposed in the EEPROM 66 of the IC card 
2. It then transmits that control signal to the IC card 2 
via the bus 35, SPU 32, modulator circuit 23, and an- 
tenna 27. The SPU 32 receives the response signal from 
the IC card 2 via the antenna 27 and the demodulator 
circuit 25. Then, it inputs the corresponding response 
result to the DPU 31 via the bus 35. 
[0146] In step S6, the DPU 31 of the reader/writer 1 
determines, according to the response signal input in 
step S5 from the IC card 2, whether it has been able to 
get the right to access the object-to-be-opened file. In 
case it has been determined in step S6 that the DPU 31 
has failed to get the right to access the object-to-be- 
opened file, the processing proceeds to step S10. 
[0147] In case it has been determined in step S6 that 
the relevant terminal apparatus has been able to get the 
accessing right, the DPU 31 of the reader/writer 1 pro- 
duces according to the signal indicating the object-to- 
be-opened file input in step S2 the following control sig- 
nal. Namely, the control signal for opening the object- 
to-be-opened file in the EEPROM 66 of the IC card 2. 
The DPU 31 then transmits that control signal to the IC 
card 2 via the bus 35, SPU 32, modulator 23, and an- 
tenna 27 together with the specific key A registered in 
the flash memory 22. 

[0148] In step S8, the reader/writer 1 performs data 
transmission/ reception with the IC card 2 according to 
the necessity. In this step S8, the reader/writer 1 exe- 
cutes the command-processings based on, for exam- 
ple, the operation designating the utilization ( subtrac- 
tion) of the electronic money, the filling (addition) there- 
of, etc. that the user has input in step S2 by the use of 
the input part 1 03 of the controllers. Concrete examples 
of the processings that are executed will be described 
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later with reference to FIGS. 13 to 18. 
[0149] In step SB, the DPU 31 of the reader/writer 1 
records the log of the processing executed in step S8 
into the RAM 42 of the memory 34 of the reader/writer 

1 as a case of utilizing the specific key A. The DPU 31 5 
also produces a control signal for recording into the 
RAM 67 of the IC card 2, and transmits it to the IC card 

2 via the bus 35, SPU 32 ; modulation 23, and antenna 
27. The antenna 53 of the IC card 2 receives the control 
signal and supplies it to the interface part 61 . Thereby 
in the interface part 61 , BPSK demodulation part 62, and 
calculation part 64, a prescribed piece of processing is 
executed. And, the log of the processing executed in 
step S8 is kept stored in the RAM 67, thereby the 
processing is terminated. 

[0150] Assume a case where it has been determined 
in step S4 that no correct authentication has been per- 
formed with the use of the specific key A (namely, a case 
where the IC card 2 is the one that has been issued by 
other manager than the issuer A). In step S1 1 , the read- 
er/writer 1 of the terminal apparatus performs authenti- 
cation with use of the common key K !F according to the 
process explained using FIG. 1 1 . That is to say, the DPU 
31 of the reader/writer 1 reads in the bus 35 the authen- 
tication information, the authentication of that is per- 
formed using the common key K )F stored in the flash 
memory 22. Then, it transmits that authentication infor- 
mation to the IC card 2 via the bus 35, SPU 32, modu- 
lator 23, and antenna 27. The SPU 32 receives the re- 
sponse signal from the IC card 2 via the antenna 27 and 
the demodulator circuit 25. And, it inputs the response 
result to the DPU 31 via the bus 35. 
[0151] In step S12, the DPU 31 of the reader/writer 1 
operates on the response signal that has been input in 
step S164 from the IC card 2. The DPU 31 determines 
according to that response signal whether the correct 
authentication has been performed by the common key 
K| F . In case it has been determined in step S12 that the 
correct authentication is not performed, the processing 
proceeds to step S10. 

[01 52] In case it has been determined in step S1 2 that 
correct authentication has been performed, in step S13 
the DPU 31 of the reader/writer 1 acts or operates on 
the signal that indicates the object-to-be-opened file that 
has been input in step S2. The DPU 31 then produces 
a control signal for gaining the accessing right for the 
object-to-be-opened file disposed in the EEPROM 66 of 
the IC card 2 (the control signal including the service 
code corresponding to the object-to-be-opened file). It 
then transmits it to the IC card 2 via the bus 35, SPU 32, 
modulator circuit 23, and antenna 27. The SPU 32 re- 
ceives the response signal from the IC card 2 via the 
antenna 27 and the demodulator circuit 2 and inputs the 
response result to the DPU 31 via the bus 35. 
[0153] In step S14, the DPU 31 of the reader/writer 1 
determines, according to the response signal input in 
step S5 from the IC card 2, whether it has been able to 
get the right to access the object-to-be-opened file. In 



case it has been determined in step S14 that the DPU 
31 has failed to get the right to access the object-to-be- 
opened file, the processing proceeds to step S10. 
[0154] In case it has been determined in step S14 that 
the relevant terminal apparatus has been able to get the 
accessing right, the DPU 31 of the reader/writer 1 instep 
S1 5 produces according to the signal indicating the ob- 
ject-to-be-opened file input in step S2 the following con- 
trol signal. Namely, the control signal for opening the ob- 
ject-to-be-opened file in the EEPROM 66 of the IC card 
2. The DPU 31 then transmits that control signal to the 
IC card 2 via the bus 35, SPU 32, modulator circuit 23, 
and antenna 27 together with the common key K, F reg- 
istered in the flash memory 22. 

[0155] In step S16, the reader/writer 1 performs data 
transmission/reception with the IC card 2 according to 
the necessity In this step S2, the reader/writer 1 exe- 
cutes the command-processings input by using the in- 
put part 103 of the controller 3 by users based on, for 
example, the operation designating the utilization of the 
electronic money, the reference to the data kept stored 
in the file. Concrete examples of the processings that 
are executed will be described later with reference to 
FIGS. 13 to 18. 

[0156] In step S17, the DPU 31 of the reader/writer 1 
records the log of the processing executed in step S16 
into the RAM 42 of the memory 34 of the reader/writer 

1 as a case of utilizing the common key K, F . The DPU 
31 also produces a control signal for recording into the 
RAM 67 of the IC card 2, and transmits it to the IC card 

2 via the bus 35, SPU 32, modulator circuit 23, and an- 
tenna 27. The antenna 53 of the !C card 2 receives the 
control signal and supplies it to the interface part 61 . 
Thereby, in the interface part 61, BPSK demodulation 
part 62, and calculation part 64, a prescribed piece of 
processing is executed. And ; the log of the processing 
executed in step S1 6 is kept stored in the RAM 67, there- 
by the processing is terminated. 

[0157] In the following cases, the DPU 31 of the read- 
er/writer 1 in step S1 0 produces a control signal indicat- 
ing the contents of the error, and outputs it to the con- 
troller 3 via the bus 35 and SCC 33. Namely, a first case 
is the one wherein in step S6 it has been determined 
that the DPU 31 has failed to get the accessing right. A 
second case is the one wherein in step S12 it has been 
determined that no correct authentication has been per- 
formed through the use of the common key K IF . And a 
third case is the one wherein in step S24 it has been 
determined that the DPU 31 has failed to get the access- 
ing right. The control part 1 01 of the controller 3 has in- 
put thereto the control signal from the reader/writer 1 via 
the network interface 107 and the internal bus 102. It 
then produces an. error message for being displayed on 
the display part 105 and outputs it to the display part 
105 via the internal bus 102, thereby the processing is 
terminated. 

[0158] Next, concrete examples of the processings 
explained using FIG. 1 2 will be explained with reference 
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to FIGS. 13 to 18. 

[0159] For example, assume that the following be reg- 
istered in the electronic money area of the common ar- 
ea, or the mutual-use-operation area, of the IC card 2, 
which has been explained using FIG. 6. Namely, the re- 5 
spective co-operating stores, and the application (the 
for-joint-use-operation, or commonly accessible, elec- 
tronic value file) enabling the use of the 'for-joint-use- 
operation (commonly accessible) electronic value" that 
can be used when purchasing an item of goods (i.e. hav- 
ing the same value as that of money or currency). Also, 
in the specific area, as well, of the IC card 2, there is 
disposed the commonly accessible electronic value file, 
that is linked with the commonly accessible electronic 
value file of the common area. 

[0160] It is here assumed that it be set that the com- 
monly accessible electronic value can be used the 
stores of all enterprises taking part in the IC card use 
operation system. (Namely, it is set that all terminal ap- 
paratus each have registered therein an area code cor- 
responding to the application for executing the subtrac- 
tion of the amount of commonly accessible electronic 
value). On the other hand, it is assumed that it be set 
* vat the application for increasing the amount of elec- 
tronic value by the filling, i.e. deposit of money or the 
like, with respect to the commonly accessible electronic 
vaiue can only be used with the terminal apparatus the 
enterpriser having issued the corresponding IC card 2 
manages. 

[0161] With reference to the flow chart of FIG. 13, the 
commonly accessible electronic value filling process the 
terminal apparatus, managed by the issuer A that has 
issued the IC card 2, executes will now be explained. 
[0162] In step S21 , the reader/writer 1 of the terminal 
apparatus detects the IC card 2 that has been mounted 
thereto. Then, the reader/writer 1 has input thereto from 
the controller 3 the filling amount of for-joint-use-opera- 
tion, or commonly accessible, electronic value the user 
has input using the input part 103 of the controller 3. 
Namely, the object-to-be-opened file is a for-joint-use- 
operation electronic value file, and the filling amount of 
for-joint-use-operation electronic value is input to the 
DPU 31 via the SCC 33 and the bus 35. 
[0163] The DPU 31 of the reader/writer 1 of the termi- 
nal apparatus, in step S22 and in step S23, executes 
the same pieces of processing as in the step S3 and in 
the step S4 of FIG. 12. In case it has been determined 
in step S23 that correct authentication has not been per- 
formed, the processing proceeds to step S29. 
[01 64] In case it has been determined in step S23 that 
correct authentication has been performed (namely, in 
case the IC card 2 has been the one issued by the issuer 
A), the DPU 32 of the reader/ writer 31 in step S24 pro- 
duces a control signal (including the service code cor- 
responding to the for-joint-use-operation, or commonly 
accessible, electronic value file) for gaining the right to 
access the for-joint-use-operation electronic value file 
recorded in the specific area of the EEPROM 66 of the 



IC card 2. It then transmits that control signal to the IC 
card 2 via the bus 35, SPU 32, modulator circuit 23. and 
antenna 27. It is to be noted that the real file of the for- 
joint-use-operation electronic value stored in the specif- 
ic area of the EEPROM 66 of the IC card 2 is recorded 
in the common area. And, that real file is linked from the 
for-joint-use-operation electronic value file recorded in 
the specific area. The SPU 32 receives the response 
signal from the IC card 2 via the antenna 27 and the 
demodulator circuit 25. Then, it inputs the correspond- 
ing response result to the DPU 31 via the bus 35. 
[0165] In step S25, the DPU 31 of the reader/writer 1 
determines, according to the response signal input in 
step S24 from the IC card 2, whether the terminal appa- 
ratus has permitted thereto the right to access the ap- 
plication corresponding to the addition processing of the 
amount of value with respect to the for-joint-use-opera- 
tion electronic value file. In case it has been determined 
in step S25 that the terminal apparatus does not have 
permitted thereto the accessing right, the processing 
proceeds to step S29. 

[0166] In case it has been determined in step S25 that 
the accessing right is permitted, the DPU 31 of the read- 
er/writer 1 in step S26 produces the following control 
signal. Namely, the control signal for opening the joint- 
use-operation electronic value file (real file) in the com- 
mon area, which file is linked with and from the joint- 
use-operation electronic value file in the specific area in 
the EEPROM 66 of the IC card 2. Then the SPU 31 
transmits that control signal to the IC card 2 together 
with the specific key A via the bus 35, S PU 32 ; modulator 
circuit 23, and antenna 27. 

[0167] In step S27, the DPU 31 of the reader/writer 1 
executes a filling piece of processing for filling the for- 
joint-use-operation electronic value, according to the fin- 
ing amount of money the user has input using the input 
part 103 of the controller 3, Namely, the DPU 31 produc- 
es the following control signal. The one for adding the 
filling amount of money input from the controller 3, to the 
remainder of the for-joint-use-operation electronic value 
recorded in the for-joint-use-operation electronic value 
file and registered in the common area of the IC card 2. 
The DPU 31 then transmits that control signal to the IC 
card 2 via the bus 35, SPU 32, modulator circuit 23, and 
antenna 27. 

[0168] The antenna 53 of the IC card 2 receives the 
ASK modulation signal corresponding to the control sig- 
nal transmitted from the reader/writer 1 and supplies it 
to the interface part 61 . Prescribed pieces of processing 
are executed in the interface part 61 , BPSK demodula- 
tion part 62, and calculation part 64. Then, the control 
signal that has been transmitted from the reader/writer 
1 is input to the sequencer 91 . Then the sequencer 91 
according to the control signal input thereto changes the 
remainder of the for-joint-use-operation electronic value 
recorded in the EEPROM 66. 

[0169] In step S28, the DPU 31 of the reader/writer 1 
records the log of the processing executed in step S27 
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into the RAM 42 of the memory 34 of the reader/writer 
1 as a case of utilizing the specific key A. The DPU 31 
also produces a control signal for recording the same 
log into the RAM 67 of the IC card 2, and transmits it to 
the IC card 2 via the bus 35, SPU 32, modulator circuit 5 
23, and antenna 27. The antenna 53 of the IC card 2 
receives the ASK modulation signal corresponding to 
the control signal transmitted from the reader/writer 1 
and supplies it to the interface part 61 . Thereby, in the 
interface part 61 , BPSK demodulation part 62, and cal- 
culation part 64, a prescribed piece of processing is ex- 
ecuted. And, the log of the processing executed in step 
S27 is kept stored in the RAM 67, thereby the process- 
ing is terminated. 

[0170] In case correct authentication has not been 
performed in step S23 or in case it has been determined 
in step S25 that the accessing right to the relevant file 
(the accessing right for accessing the addition process- 
ing) is not permitted, in step S29 the same processing 
as in the step S10 of FIG. 12 is executed, thereby the 
processing is terminated. 

[0171] Also, it may be arranged that the issuer A 
records into the specific area of the EEPROM 66 of the 
IC card 2 the application for providing as the service with 
respect to the user the following service. The service 
that supplies a service point that is utilizable only by the 
terminal apparatus the issuer A manages. For example, 
it may thereby be arranged that the service point corre- 
sponding to the amount of money at which an item of 
goods has been purchased, etc. can be supplied to the 
IC card 2 the corresponding user has. In this case, the 
control part 1 01 of the controller 3 calculates the adding 
amount of money corresponding to the for-specific-use- 
operation service point according to the utilized amount 
of money of the for-joint-use-operation electronic value 
the user has input using the input part 103 of the con- 
troller 3, etc. Then the control part 101 outputs the re- 
sulting adding amount of money to the reader/writer 1 
via the internal bus 102 and the network interface 107. 
[01 72] Next, the for-specif ic-use-operation , or specif- 
ic-accessible, service point write-in process that the ter- 
minal apparatus managed by the issuer A executes will 
be explained with reference to the flow chart of FIG. 1 4. 
[0173] In step S41, the reader/writer 1 of the issuer 
A's managed terminal apparatus detects the IC card that 
has been mounted thereto. And, it has input thereto the 
adding amount of money corresponding to the for-spe- 
cific-use-operation service point, from the controller 3. 
Namely, the object-to-be-opened file is the for-specif ic- 
use-operation service point file. The adding amount of 
money corresponding to the for-specific-use-operation 
service point is input to the DPU 31 via the SCC 33 and 
the bus 35. 

[0174] The DPU 31 of the reader/writer 1 of the termi- 
nal apparatus, in step S42 and in step S43, executes 
the same pieces of processing as in the step S3 and in 
the step S4 of FIG. 12. In case it has been determined 
in step S43 that correct authentication has not been per- 



formed, the processing proceeds to step S49. 
[0175] In case it has been determined in step S43 that 
correct authentication has been performed (i.e. in case 
the IC card 2 is the issuer A's issued IC card 2), in step 
S44 the DPU 31 of the reader/ writer 1 produces the 
following control signal. The control signal for gaining 
the accessing right to the for-specific-use-operation, or 
specific-accessible, service point file recorded in the 
specific area of the EEPROM 66 of the IC card 2 (the 
control signal including the service code corresponding 
to the for-specific-use-operation service point file). It 
then transmits it to the IC card 2 via-the bus 35, SPU 
32, modulator circuit 23, and antenna 27. The SPU 32 
receives the response signal from the IC card 2 via the 
antenna 27 and the demodulator circuit 25 and inputs 
the response result to the DPU 31 via the bus 35. 
[0176] In step S45, the DPU 31 of the reader/writer 1 
determines, according to the response signal input in 
step S44 from the IC card 2, whether it has had permit- 
ted thereto the right to access the addition processing 
with respect to the for-specific-use-operation service 
point. In case it has been determined in step S45 that 
the accessing right is not permitted, the processing pro- 
ceeds to step S49. 

[01 77] In case it has been determined in step S45 that 
the accessing right is permitted, in step S46 the DPU 31 
of the reader/ writer 1 produces the following control sig- 
nal. The control signal for opening the for-joint-use-op- 
eration service point addition file that is disposed in the 
EEPROM 66 of the IC card 2. The DPU 31 transmits it 
to the IC card 2 via the bus 35, SPU 32, modulator circuit 
23, and antenna 27 jointly with the specific key A regis- 
tered in the flash memory 22. 

[0178] In step S47, the DPU 31 of the reader/writer 1 
acts or operates on the adding amount of money corre- 
sponding to the for-specific-use-operation service point, 
that has been input from the controller 3 in step S41 . 
The DPU 31 according to that adding amount of money 
executes the addition processing corresponding to the 
for-specific-use-operation service point. Namely, the 
DPU 31 produces a control signal for adding the adding 
amount of money corresponding to the for-specific-use- 
operation service point to the following for-specific-use- 
operation service point remainder. Namely, the for-spe- 
cific-use-operation service point remainder that is re- 
corded in the for-specific-use-operation service point 
file registered in the specific area of the IC card 2. The 
DPU 31 then transmits it to the IC card 2 via the bus 35, 
SPU 32, modulator circuit 23, and antenna 27. 
[0179] The antenna 53 of the IC card 2 receives the 
ASK modulated signal corresponding to the control sig- 
nal transmitted from the reader/writer 1 and supplies it 
to the interface part 61 . Prescribed pieces of processing 
are executed in the interface part 61 , BPSK demodula- 
tion part 62, and calculation part 64. Then, the control 
signal that has been transmitted from the reader/writer 
1 is input to the sequencer 91 . Then the sequencer 91 
according to the control signal input thereto changes the 
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remainder of the for-joint-use-operation electronic vatue 
recorded in the EE PROM 66. 

[0180] In step S48, the DPU 31 of the reader/writer 1 
records the log of the processing executed in step S47 
into the RAM 42 of the memory 34 of the reader/writer 5 
1 as a case of utilizing the specific key A. The DPU 31 
also produces a control signal for recording the same 
log into the RAM 67 of the IC card 2, and transmits it to 
the IC card 2 via the bus 35, SPU 32, modulator circuit 
23, and antenna 27. The antenna 53 of the IC card 2 
receives the ASK modulated signal corresponding to the 
control signal transmitted from the reader/writer 1 and 
supplies it to the interface part 61 . Thereby, in the inter- 
face part 61 , BPSK demodulation part 62, and calcula- 
tion part 64, a prescribed piece of processing is execut- 
ed. And, the log of the processing executed in step S47 
is kept stored in the RAM 67, thereby the processing is 
terminated. 

[0181] In case correct authentication has not been 
performed in step S43 or in case it has been determined 
in step S45 that the accessing right to the relevant file 
(the accessing right for accessing the addition process- 
ing) is not permitted, in step S49 the same processing 
as in the step S10 of FIG. 12 is executed, thereby the 
processing is terminated. 

[0182] For example, it may be arranged that the issuer 
A of the IC card 2 can provide through the use of the 
issuer A's managed terminal apparatus the following 
service. Namely, the service of adding the for-specific- 
use-operation service point explained using the flow 
chart of FIG. 14 at the time of the filling with respect to 
the for-joint-use-operation electronic value explained 
using the flow chart of FIG. 13. In this case, the control 
part 1 01 of the controller 3 operates on the filling amount 
of money with respect to the for-joint-use-operation 
electronic value that the user has input using the input 
part 1 03 of the controller 3. The control part 101 accord- 
ing to that filling amount calculates the adding amount 
corresponding to the for-specific-use-operation service 
point, for example, using a prescribed calculation meth- 
od of calculating 5% of that filling amount. The control 
part 1 01 thereby outputs it to the reader/writer 1 via the 
internal bus 102, and network interface 107. 
[0183] The write-in process forthe for-joint-use-oper- 
ation electronic value and for-specific-use-operation 
service point will now be explained with reference to the 
flowchart of FIG. 15. 

[0184] In step S61 , the reader/writer 1 of the terminal 
apparatus detects the iC card 2 that has mounted there- 
to. It then has input thereto from the controller 3 the fol- 
lowing. Namely, the filling amount of for-joint-use-oper- 
ation electronic value and the adding amount corre- 
sponding to the for-specific-use-operation service point 
determined correspondingly to that filling amount, that 
the user has input using the input part 103 of the con- 
troller 3. Namely, the object-to-be-opened file is the for- 
joint-use-operation electronic value file and the for-spe- 
cific-use-operation service point file. And the filling 



amount of for-joint-use-operation electronic value and 
the adding amount corresponding to the for-specific- 
use-operation service point are input to the DPU 31 via 
the SCC 33 and the bus 35. 

[0185] The DPU 31 of the reader/writer 1 of the termi- 
nal apparatus, in step S62 and in step S63, executes 
the same pieces of processing as in the step S3 and in 
the step S4 of FIG. 12. In case it has been determined 
in step S63 that correct authentication has not been per- 
formed; the processing proceeds to step S69. 
[0186] In case it has been determined in step S63 that 
correct authentication has been performed (i.e. in case 
the IC card 2 is the issuer A's issued IC card 2), in step 
S64 the DPU 31 of the reader/ writer 1 produces the 
following control signal. The control signal for gaining 
the accessing right for the for-common-use-operation 
electronic value file and for-specific-use-operation serv- 
ice point file recorded in the specific area of the EEP- 
ROM 66 of the IC card 2. (The control signal including 
the service code corresponding to the for-common-use- 
operation electronic value file and for-specific-use-op- 
eration service point file). It then transmits it to the IC 
card 2 via the bus 35, SPU 32, modulator circuit 23. and 
antenna 27. 

[0187] It is to be noted that the real file of the for-joint- 
use-operation electronic value file stored in the specific 
area of the EEPROM 66 of the IC card 2 is recorded in 
the common area. And that real file is linked with the for- 
joint-use-operation electronic value file recorded in the 
specific area. Also, the for-specific-use-operation serv- 
ice point file stored in the specific area of the EEPROM 
66 of the IC card 2 is the application stored only in the 
specific area. The SPU 32 receives the response signal 
from the IC card 2 via the antenna 27 and the demodu- 
lator circuit 25, and inputs the response result thereof 
to the DPU 31 via the bus 35. 

[0188] In step S65, the DPU 31 of the reader/writer 1 
determines, according to the response signal input in 
step S64 from the IC card 2, whether it has had permit- 
ted thereto the following rights to access. Namely, the 
right to access the addition processing for the amount 
of value the addition of that is performed using the for- 
joint-use-operation electronic value file and the right to 
access the addition processing that is executed using 
the for-joint-use-operation service point file. In case it 
has been determined in step S65 that the accessing 
right is not permitted, the processing proceeds to step 
S69. 

[01 89] In case it has been determined in step S65 that 
the accessing right is permitted, in step S66 the DPU 31 
of the reader/ writer 1 produces the following control sig- 
nal according to the following indication signals. These 
indication signals are the ones that respectively indicate 
the filling amount of for-joint-use-operation electronic 
value and the adding amount of for-specific-use-opera- 
tion service point, each of that has been input in step 
S61 . That control signal is the one for opening the for- 
joint-use-operation electronic value file (i.e. real file) 
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linked with the for-joint-use-operation electronic value 
file in the specific area disposed in the EE PROM 66 of 
the IC card 2.and the for-specific-use-operation service 
point file in the specific area. The DPU 31 transmits that 
control signal to the I C card 2 via the bus 35, SPU 32, 
modulator circuit 23, and antenna 27 jointly with the spe- 
cific key A. 

[0190] In step S67, the DPU 31 of the reader/writer 1 
operates on the filling amount that is added to the for- 
joint-use-operation electronic value and has been input 
in step S61 . The DPU 31 according to that filling amount 
that is added to the for-joint-use-operation electronic 
value executes the filling process with respect to the for- 
joint-use-operation electronic value and the addition 
processing corresponding to the for-specific-use-oper- 
ation service point. Namely, the DPU 31 produces the 
following control signals. Namely, one control signal is 
the one for adding the filling amount for the for-joint-use- 
operation electronic value input from the controller to the 
remainder of the for-joint-use-operation electronic value 
recorded in the for-joint-use-operation electronic value 
file registered in the common area of the IC card 2. The 
other control signal is the one for adding the adding 
amount corresponding to the for-specific-use-operation 
service point input from the controller 3 to the remainder 
of the for-specific-use-operation service point recorded 
in the for-specific-use-operation service point file regis- 
tered in the specific area. The DPU 31 then transmits 
them to the IC card 2 via the bus 35, SPU 32, modulator 
circuit 23, and antenna 27. 

[0191] The antenna 53 of the IC card 2 receives the 
ASK modulated signal corresponding to the control sig- 
nal transmitted from the reader/writer 1 and supplies it 
to the interface part 61 . Prescribed pieces of processing 
thereby are executed in the interface part 61 f BPSK de- 
modulation part 62, and calculation part 64. Then, the 
control signal that has been transmitted from the reader/ 
writer 1 is input to the sequencer 91 . Then the sequenc- 
er 91 according to the control signal input thereto chang- 
es the remainders of the for-joint-use-operation elec- 
tronic value and for-specific-use-operation service point 
recorded in the EEPROM 66. 

[0192] In step S68, the DPU 31 of the reader/writer 1 
records the log of the processing executed in step S67 
into the RAM 42 of the memory 34 of the reader/writer 
1 as a case of utilizing the specific key A. The DPU 31 
also produces a control signal for recording the same 
log into the RAM 67 of the IC card 2, and transmits it to 
the IC card 2 via the bus 35, SPU 32, modulator circuit 
23, and antenna 27. The antenna 53 of the IC card 2 
receives the ASK modulated signal corresponding to the 
control signal transmitted from the reader/writer 1 and 
supplies it to the interface part 61 . Thereby, in the inter- 
face part 61 , BPSK demodulation part 62, and calcula- 
tion part 64, a prescribed piece of processing is execut- 
ed. And, the log of the processing executed in step S67 
is kept stored in the RAM 67, thereby the processing is 
terminated. 
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[0193] In case correct authentication has not been 
performed in step S63 or in case it has been determined 
in step S65 that the accessing right to the relevant file 
(the accessing right for accessing the addition process- 
5 ing) is not permitted, in step S69 the same processing 
as in the step S10 of FIG. 12 is executed, thereby the 
processing is terminated. 

[0194] Next, with reference to FIG. 16, there will be 
explained the right to access the application for execut- 
10 ing pieces of processing on the for-joint-use-operation 
electronic value and for-specific-use-operation service 
point. 

[0195] For example, assume that a for-joint-use-op- 
eration electronic value of 1 000 yen be registered in the 

15 common area of the company A's issued IC card 2 and 
that a for-specific-use-operation service point of 50 
points (corresponding to 50 yen) be registered in the 
specific area. In this case, regarding the for-joint-use- 
operation electronic value and for-specific-use-opera- 

20 tion service point that each are registered in the enter- 
priser A's issued IC card 2, using the specific key A reg- 
istered in the company A's terminal apparatus 131-1 , it 
is possible to access the application for executing each 
of the addition processing and subtraction processing 

25 concerned therewith. (In case in the company A's termi- 
nal apparatus 131-1 access is had to the application 
concerned with the for-joint-use-operation electronic 
value by the use of the registered specific key A, in ac- 
tuality access is had to the application concerned with 

30 the for-joint-use-operation electronic value in the com- 
mon area, by way of the linked portion in the specific 
area.) 

[01 96] However, in the co-operating company B's ter- 
minal apparatus 1 31 -2 ; it is certainly possible to access 

35 the application for executing the subtraction processing 
with respect to the for-joint-use-operation electronic val- 
ue by using the common key K !F registered therein. 
However, that terminal apparatus does not have the 
right to access the application for executing the addition 

40 processing with respect to the for-joint-use-operation 
electronic value and that for executing the processing 
with respect to the for-specific-use-operation service 
point registered in the specific area. That is to say, as- 
sume that the user has paid 200 yen by using the en- 

45 terpriser A's managed terminal apparatus 131-1. In this 
case, it results that the user pays 200 yen from the 
amount of money of 1 050 yen that is obtained by adding 
up the two service blocks. But, in case the user has paid 
200 yen through the use of the company B's managed 

50 terminal apparatus 131-2, it results that the user pays 
200 yen from the 1000 yen in the common area. 
[0197] Next, there will be explained with reference to 
the flow chart of FIG. 1 7 the point/value utilization proc- 
ess in the case where the company A's issued IC card 

55 2 has been used in an object store with respect to that 
the specific-use-operation of the IC card 2 is permitted. 
(This object store, for example, is the one that is 
equipped with the company A's managed terminal ap- 
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paratus 131-1 in FIG. 16.) 

[0198] In step S81 , the reader/writer 1 of the terminal 
apparatus detects the IC card 2 that has been mounted 
thereto. Then the reader/writer 1 has input thereto the 
amount of money that the store has utilized and that the 5 
user has input from the controller 3 by the use of the 
input part 103 thereof. Namely, the object-to-be-opened 
file is the for-joint-use-operation electronic value file and 
for-specific-use-operation service point file each of that 
can be utilized for purchasing an item of goods in the 
object store with respect to that the specific-use-opera- 
tion of the IC card 2 is permitted. And the user's utilizing 
amount of money, i.e. a sum total of the subtracting 
amount of money corresponding to the for-joint-use-op- 
eration electronic value and the subtracting amount of 
money corresponding to the for-specific-use-operation 
service point is input to the DPU 31 via the SCC 33 and 
bus 35. 

[0199] The DPU 31 of the reader/writer 1 of the termi- 
nal apparatus, in step S82 and in step S83, executes 
the same pieces of processing as in the step SB2 and 
in the step S83 of FIG. 12. In case it has been deter- 
mined in step S83 that correct authentication has not 
been performed, the processing proceeds to step S91 . 
[0200] In case it has been determined in step S83 that 
correct authentication has been performed (i.e. in case 
the IC card 2 is the issuer A's issued IC card 2), in step 
S84 the same processing as in step S64 of FIG. 15 is 
executed. 

[0201] In step S85, the DPU 31 of the reader/writer 1 
determines, according to the signal input in step S84 
from the IC card 2, whether it has had permitted thereto 
the following rights to access. Namely, the right to ac- 
cess the subtraction processing for the amount of value 
the subtraction of that is performed using the for-joint- 
use-operation electronic value file and the right to ac- 
cess the subtraction processing that is executed using 
the for-joint-use-operation service point file. In case it 
has been determined in step S85 that the accessing 
right is not permitted, the processing proceeds to step 
S91. 

[0202] In case it has been determined in step S85 that 
the accessing right is permitted, in step S86 the DPU 31 
of the reader/ writer 1 produces the following control sig- 
nal. The control signal for opening the for-joint-use-op- 
eration electronic value file (i.e. real file) in the common 
area linked with the for-joint-use-operation electronic 
value file in the specific area disposed in the EEPROM 
66 of the IC card 2 and the for-specific-use-operation 
service point file in the specific area. The DPU 31 trans- 
mits that control signal to the IC card 2 via the bus 35, 
SPU 32, modulator circuit 23, and antenna 27 jointly with 
the specific key A. 

[0203] In step S87, the DPU 31 of the reader/writer 1 
reads in from the for-joint-use-operation electronic val- 
ue file (i.e. real file) in the common area and the for- 
specific-use-operation service point file in the specific 
area, which have been opened in step S86, the following 



amounts of money. Namely, the amount of money cor- 
responding to the for-joint-use-operation electronic val- 
ue and that corresponding to the for-specific-use-oper- 
ation service point. The DPU 31 thereby calculates a 
utilizable range of the amounts of money (i.e. a sum of 
the amount of money corresponding to the for-joint-use- 
operation electronic value and that corresponding to the 
for-specific-use-operation service point.). Thereby, the 
DPU 31 according to the signal indicating the user's uti- 
lizing amount of money determines whether his utilizing 
amount of money is within the utilizable range input in 
the step S81 . In case it has been determined in step S87 
that his utilizing amount of money is not within the uti- 
lizable range, the processing proceeds to step S91 . 
[0204] In case it has been determined in step S78 that 
the utilizing amount of money is within the utilizable 
range, in step S88 the DPU 31 of the reader/writer 1 
calculates the subtracting amount of money to be sub- 
tracted from each of the for-joint-use-operation elec- 
tronic value and the for-specific-use-operation service 
point, according to the user's utilizing amount of money 
that has been input in step S81 . In calculating that sub- 
tracting amount of money, there may be adopted the fol- 
lowing methods. Namely, it may be arranged to prefer- 
entially perform the subtraction from the for-specific- 
use-operation service point. Or it may be arranged that 
the subtraction ratio between the for-joint-use-operation 
electronic value and the for-specific-use-operation serv- 
ice point be able to be set through the user's operation. 
[0205] In step S89, the DPU 31 of the reader/writer 1 
executes the subtraction process for the for-joint-use- 
operation electronic value and that for the for-specific- 
use-operation service point. Namely, the DPU 31 pro- 
duces a control signal for subtracting the utilizing 
amount of money corresponding to the for-joint-use-op- 
eration electronic value and that for the for-specific-use- 
operation service point, each of that has been calculated 
in step S88, from the following remainders. Namely, one 
remainder is the one of the for-joint-use-operation elec- 
tronic value recorded in the for-joint-use-operation elec- 
tronic value file that is registered in the common area of 
the IC card 2. The other remainder is the one of the by- 
specific-use-operation service point recorded in the for- 
specific-use-operation service point file that is regis- 
tered in the specific area. The DPU 31 thereby transmits 
that control signal to the IC card 2 via the bus 35, SPU 
32, modulator circuit 23, and antenna 27. 
[0206] The antenna 53 of the IC card 2 receives the 
ASK modulated signal corresponding to the control sig- 
nal transmitted from the reader/writer 1 and supplies it 
to the interface part 61 . 

Prescribed pieces of processing thereby are executed 
in the interface part 61 , BPSKdemodulation part 62, and 
calculation part 64. Then, the control signal that has 
been transmitted from the reader/writer 1 is input to the 
sequencer 91 . Then the sequencer 91 according to the 
control signal input thereto changes the remainders of 
the for-joint-use-operation electronic value and for-spe- 
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cific-use-operation service point recorded in the EEP- 
ROM 66. 

[0207] In step S90, the DPU 31 of the reader/writer 1 
records the log of the processing executed in step S89 
into the RAM 42 of the memory 34 of the reader/writer 
1 as a case of utilizing the specific key A. The DPU 31 
also produces a control signal for recording the same 
log into the RAM 67 of the IC card 2, and transmits it to 
the IC card 2 via the bus 35, SPU 32, modulator circuit 
23, and antenna 27. The antenna 53 of the IC card 2 
receives the ASK modulated signal corresponding to the 
control signal transmitted from the reader/writer 1 and 
supplies it to the interface part 61 . Thereby, in the inter- 
face part 61 , BPSK demodulation part 62, and calcula- 
tion part 64, a prescribed piece of processing is execut- 
ed. And, the log of the processing executed in step S89 
is kept stored in the RAM 67, thereby the processing is 
terminated. 

[0208] In case correct authentication has not been 
performed in step S83 or in case it has been determined 
in step S85 that the accessing right to the relevant file 
(the accessing right for accessing the subtraction 
processing) is not permitted, or it has been determined 
in step S87 that the utilizing amount of monoy is not with- 
in the utilizable range, in step S91 the same processing 
as in the step S10 of FIG. 12 is executed, thereby the 
processing is terminated. 

[0209] Next, there will be explained with reference to 
the flow chart of FIG. 18 the electronic value utilization 
process that is executed by the following object store 
with respect to that the joint use operation is permitted. 
(That store is the one equipped with the terminal appa- 
ratus 131-2 that is managed by, for example, the com- 
pany B in FIG. 16 that is other than the issuer of the IC 
card 2). 

[0210] In stepS 101, the reader/writer 1 of the terminal 
apparatus detects the IC card 2 that has been mounted 
thereto. Then, the reader/writer 1 has input thereto from 
the controller 3 the utilizing amount in the store the user 
has input using the input part 103 of the controller 3. 
Namely, the object-to-be-opened file is a for-joint-use- 
operation electronic value file that can be utilized for pur- 
chasing an item of goods in the object store with respect 
to that the joint use operation is permitted. And the us- 
er's utilizing amount of money, i.e. the subtracting 
amount of money with respect to the for-joint- use- oper- 
ation electronic value is input to the DPU 31 via the SCC 
33 and the bus 35. 

[0211] The DPU 31 of the reader/writer 1 of the termi- 
nal apparatus, in step S102 and in step S103 ; executes 
the same pieces of processing as in the step S11 and 
in the step S12 of FIG. 12. In case it has been deter- 
mined in step S103 that correct authentication has not 
been performed, the processing proceeds to step S1 1 1 . 
[0212] In case it has been determined in step S103 
that correct authentication has been performed (namely, 
in case the IC card 2 has been the one that is able to be 
authenticated using the common key K, F ) f the DPU 32 



of the reader/writer 31 in step S1 04 produces the follow- 
ing control signal. (The control signal includes the serv- 
ice code corresponding to the for-joint-use-operation 
electronic value file). That control signal is the one for 

5 gaining the right to access the for-joint-use-operation 
electronic value file and the for-joint-use-operation serv- 
ice point file recorded in the specific area of the EEP- 
ROM 66 of the IC card 2. The DPU 31 then transmits 
that control signal to the IC card 2 via the bus 35, SPU 

10 32, modulator circuit 23, and antenna 27. 

[0213] In step S105, the DPU 31 of the reader/writer 
1 determines, according to the signal input in step S1 04 
from the IC card 2, whether the terminal apparatus has 
permitted thereto the right to access the application cor- 

15 responding to the subtraction processing for the sub- 
tracting amount of value with respect to the for-joint-use- 
operation electronic value file. In case it has been de- 
termined in step S1 05 that the terminal apparatus does 
not have permitted thereto the accessing right, the 

20 processing proceeds to step S1 1 1 . 

[0214] In case it has been determined in step S105 
that the accessing right is permitted, the DPU 31 of the 
reader/writer 1 in step S1 06 produces the following con- 
trol signal . Namely, the control signal for opening the for- 

25 joint-use-operation electronic value file in the common 
area, which file is disposed in the EEPROM of the IC 
card 2. Then the DPU 31 transmits that control signal to 
the IC card 2 together with the common key K, F via the 
bus 35, SPU 32, modulator circuit 23, and antenna 27. 

30 The SPU 32 receives the response signal from the IC 
card 2 via the antenna 27 and demodulator circuit 25, 
and inputs the response signal thereof to the DPU 31 
via the bus 35. 

[0215] In step S107, the DPU 31 of the reader/writer 

35 i reads in the for-joint- use- ope ration electronic value re- 
mainder from the for-joint-use-operation electronic val- 
ue file in the common area that has been opened rn step 
S106. Thereby, the DPU 31 according to the signal in- 
dicating the user's utilizing amount of money determines 

40 whether his utilizing amount of money is within the uti- 
lizable range (the range defined by the for-joint-use-op- 
eration electronic value remainder). In case it has been 
determined in step S107 that his utilizing amount of 
money is not within the utilizable range, the processing 

45 proceeds to step S1 1 1 . 

[0216] In case It has been determined in step S107 
that the utilizing amount of money is within the utilizable 
range, in step S108 the DPU 31 of the reader/writer 1 
calculates the subtracting amount of money with respect 

so to the for-joint-use-operation electronic value according 
to the user's utilizing amount of money that has been 
input in step S101 . 

[0217] In step S109, the DPU 31 of the reader/writer 
1 executes the subtraction process for the for-joint-use- 
55 operation electronic value. Namely, the DPU 31 produc- 
es a control signal for subtracting the utilizing amount of 
money corresponding to the for-joint-use-operation 
electronic value that has been calculated in step S1 08, 
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from the following remainder. Namely, the remainder of 
the for-joint-use-operation electronic value recorded in 
the for-joint-use-operation electronic value file that is 
registered in the common area of the IC card 2. The DPU 
31 thereby transmits that control signal to the IC card 2 
via the bus 35, SPU 32, modulator circuit 23, and an- 
tenna 27. 

[0218] The antenna 53 of the IC card 2 receives the 
ASK modulated signal corresponding to the control sig- 
nal transmitted from the reader/writer 1 and supplies it 
to the interface part 61 . 

Prescribed pieces of processing thereby are executed 
in the interface part 61 , BPSK demodulation part 62 , and 
calculation part 64. Then, the control signal that has 
been transmitted from the reader/writer 1 is input to the 
sequencer 91 . Then the sequencer 91 according to the 
control signal input thereto changes the remainder of the 
for-joint-use-operation electronic value recorded in the 
EEPROM 66. 

[0219] In step S110, the DPU 31 of the reader/writer 
1 records the log of the processing executed in step 
S109 into the RAM 42 of the memory 34 of the reader/ 
writer 1 as a case of utilizing the common key K tF . The 
DPU 31 also produces a control signal for recording the 
same log into the RAM 67 of the IC card 2, and transmits 
it to the IC card 2 via the bus 35, SPU 32, modulator 
circuit 23, and antenna 27. The antenna 53 of the IC 
card 2 receives the ASK modulated signal correspond- 
ing to the control signal transmitted from the reader/writ- 
er 1 and supplies it to the interface part 61 . Thereby, in 
the interface part 61, BPSK demodulation part 62, and 
calculation part 64, a prescribed piece of processing is 
executed. And, the log of the processing executed in 
step S109 is kept stored in the RAM 67, thereby the 
processing is terminated. 

[0220] in case correct authentication has not been 
performed in step S103 or in case it has been deter- 
mined in step S1 05 that the accessing right to the rele- 
vant file (the accessing right for accessing the subtrac- 
tion processing) is not permitted, or it has been deter- 
mined in step S107 that the utilizing amount of money 
is not within the utilizable range, in step S111 the same 
processing as in the step S10 of FIG. 12 is executed, 
thereby the processing is terminated. 
[0221] In each of the processes that have been ex- 
plained with reference to the flow charts of FIGS. 1 7 and 
18, the log of the utilization is recorded by being classi- 
fied in units of a key that is used. As a result of this, the 
settlement corresponding to the utilization (local utiliza- 
tion) of the IC card 2 based on the use of the specific 
key can be performed within a relevant company's sys- 
tem. 

[0222] And, it may be arranged that, in order to exe- 
cute the settlement processing corresponding to the 
joint utilization, the log of the utilization in the case where 
the IC card 2 has been utilized using the common key 
K,p be gathered at the above-described IC card center. 
It may thereby be arranged that the settlement process- 



ing corresponding to the joint utilization be executed by 
the IC card center. It may thereby be arranged that the 
settlement information indicating the result of the settle- 
ment processing be notified to each of the respective 

5 co-operating managers. Assume now that a company A 
be the issuer of the IC card 2 and that a company B be 
a company with that the company A co-operates. Then, 
there are, for example, the following two recovery meth- 
ods for recovering the log of the utilization correspond- 

10 ing to the utilization of the common key K )F . One recov- 
ery method is that,- as illustrated in FIG. 19A, the com- 
pany A's terminal apparatus 131-1 supplies the whole 
utilization log to the company A's managed personal 
computer 141-1. And, of the whole utilization log that 

is has been input, the personal computer 141 -1 transmits 
the log in the case where the IC card has been utilized 
using the common key K, F to a personal computer 141-3 
of the IC card center. The other recovery method is that, 
as illustrated in FIG. 19B, the company A's terminal ap- 

20 paratus 1 31 -1 the log in the case where the IC card has 
been utilized using the common key K, F , directly, to the 
personal computer 141-3 of the IC card center. 
[0223] The personal computer 141-3 of the IC card 
center has input thereto the log in the case whore the 

25 ic card 2 has been utilized using the common key K, F . 
The personal computer 141-3 thereby executes the set- 
tlement processing corresponding to the joint utilization. 
The personal computer 141-3 thereby supplies the set- 
tlement information, which is the result of the executed 

30 settlement processing, to the personal computer 1 41 -1 
of the company A, which is the issuer of the IC card 2, 
and the personal computer 141-2 of the company B, 
which is the company with that the company A co-oper- 
ates. 

35 [0224] FIG. 20 is a block diagram illustrating the con- 
struction of the personal computer 1 41 -1 . It is to be not- 
ed that the construction of the personal computers 
141-2 and 141-3 is the same as that of the personal 
computer 141-1 . Therefore, an explanation of that con- 

40 struction will be omitted. 

[0225] The CPU 151 has input thereto signals that 
correspond to various kinds of instructions the user has 
input using the input part 154, by way of an input/output 
interface 1 52 and an internal bus 1 53. The CPU 1 51 also 
has input thereto a control signal that the other personal 
computers, etc. have transmitted, by way of the network 
interface 160. The CPU 151 thereby executes various 
kinds of pieces of processing that are based on the use 
of the signals that have been input thereto. The ROM 

so 155 has stored therein data that are basically fixed of 
the programs and calculation parameters the CPU 151 
uses. The RAM 1 56 has stored therein the programs the 
CPU 1 51 executes uses in its operation and the param- 
eters that suitably vary during the execution of the op- 

55 erationof the CPU 151. The CPU 151, ROM 155, and 
RAM 1 56 are connected to one another by means of an 
internal bus 153. 

[0226] The internal bus 153 is connected also to the 
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input/output interface 152 as well. The input part 154 
consists, for example, of a keyboard or mouse that when 
inputting various kinds of instruction commands to the 
CPU 151 the user operates. The display part 157 con- 
sists, for example, of a CRT or the like, and the display 
thereof is performed with the use of various kinds of 
items of information, texts, or images. A HDD (hard disk 
drive) 158 drives a hard disk and causes the hard disk 
to record therein or reproduce therefrom the program or 
information the CPU 151 executes. With respect to a 
drive 159, as the necessity arises, there is mounted a 
magnetic disk 161, an optical disk 162, a magneto-op- 
tical disk 163, or a semi conductor memory 164. There- 
by tranmission/reception of data is performed between 
the both. 

[0227] The network interface 160 is connected to a 
LAN (Local Area Network) by the use of, for example, a 
prescribed interface cable, etc. The network interface 
160 is connected to a wide-band network such as, for 
example, an Internet communication network through 
the telephone lines not illustrated. The network interface 
160 thereby performs data transmission/reception to 
and from, for example, the terminal apparatus 131 , per- 
sonal computer 141-2, personal computer 141-3, etc. 
[0228] These elements from the input part 1 54 to the 
network interface 160 are each connected to the CPU 
1 51 by way of the input/output interface 1 52 and the in- 
ternal bus 153. 

[0229] Next, an explanation will be given of the settle- 
ment process (FIG. 19 A) that is executed between the 
company A that is the issuer of the IC card 2 and the 
company B in the following case with reference to FIG. 
21 . Namely, the case where the company A's terminal 
apparatus 131-1 supplies all the utilization logs to the 
issuer A's personal computer 141-1 and this computer 
141-1 transmits to the IC card center the utilization logs 
based on the use of the common key K, F . 
[0230] In step S 121 , the control part 1 01 of the con- 
troller 3 of the company A's managed terminal appara- 
tus 131-1 reads in via the network interface 1 07 and the 
internal bus 102 the utilization log recorded in the RAM 
42 of the reader/writer 1 . (That utilization log is, for ex- 
ample, the one that is recorded through the execution 
of the step S28 of FIG. 13, the step S48 of FIG. 14, the 
step S68 of FIG. 15, the step S90of FIG. 17, or the step 
S110 of FIG. 18.) Thereafter, the control part 101 sup- 
plies that utilization log to the company A's personal 
computer 1 41 -1 via the internal bus 1 02 and the network 
interface 107. 

[0231] In step S122, the CPU 151 of the personal 
computer 141-1 analyzes the utilization log input thereto 
via the network interface 1 60, input/output interface 1 52, 
and internal bus 153. The CPU 151 thereby classifies it 
into the log utilized using the common key A and the log 
utilized using the common key K, F . 
[0232] In step S123, the CPU 151 of the personal 
computer 141-1 determines according to the analysis 
result in step S122 whether the utilization based on the 



use of the common key K (F has been performed. 
[0233] In step S123, in case it has been determined 
that no utilization based on the use of the common key 
K,p has been performed, the CPU 1 51 in step S1 24 per- 

5 forms the following settlement. Namely, the settlement 
corresponding to the local utilization based on the use 
of the specific key A, i.e. the local utilization that has 
been performed using the IC card 2 a relevant company 
itself has issued and using the terminal apparatus 131 -1 

10 this relevant company itself manages. 

[0234] Assume next that it has been determined in 
step S123 that the utilization based on the use of the 
common key K, F has been performed. Then, the CPU 
151 notifies the utilization log corresponding to the com- 

15 mon key K, F to the personal computer 141-3 of the IC 
card center via the internal bus 153, input/output inter- 
face 1 52, and network interface 1 60. Then the CPU 151 
executes the above-described processing in the step 
S124. 

20 [0235] In step S126, the CPU 151 of the personal 
computer 1 41 -3 of the IC card center has notified thereto 
the utilization log corresponding to the common key K JF 
the personal computer 141-1 has transmitted in step 
S125. This notification is made via the network interface 

25 160, input/output interface 152, and internal bus 153. 
The CPU 151 of the personal computer 141 -3 of the IC 
card center has received therein not only the notification 
from the company A that has been made in step S125 
but also the notification from each enterpriser to that the 

30 company A is contracted. 

[0236] In step S127, the CPU 151 of the personal 
computer 141-3 analyzes the input utilization log corre- 
sponding to the common key Kj F in each enterpriser's 
terminal apparatus by a method of, for example, classi- 
cs tying and calculating it every utilizing enterpriser. 

[0237] In step S128, the CPU 151 of the personal 
computer 141-3 converts the mutual utilization (enter- 
priser-to-enterpriser J s) relationship into a matrix every 
issuer of the IC card according to the analyses results 

40 in stepS 127. 

[0238] In step S129, the CPU 151 of the personal 
computer 1 41 -3 produces the settlement information for 
being notified to each company, by the use of the matrix 
of the mutual or joint utilization (enterpriser-to-enterpris- 

45 er's) relationship having been produced in step S128. 
The CPU 151 then notifies that information to the com- 
pany A's personal computer 141-1 and company B's 
personal computer 1 41 -2 via the internal bus 1 53, input/ 
output interface 152, and network interface 160. 

so [0239] In step S130, the CPU 151 of the personal 
computer 1 41 -1 receives the settlement information cor- 
responding to the mutual utilization the personal com- 
puter 141-3 has transmitted in step S129, via the net- 
work interface 160, input/output interface 152, and in- 

ss ternal bus 153. Similarly, in step S132, the CPU 151 of 
the personal computer 141 -2 receives the settlement in- 
formation corresponding to the mutual utilization the 
personal computer 141-3 has transmitted in step S129, 
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via the network interface 160, input/ output interface 
152, and internal bus 153. Here in this context of the 
specification, explanation is made under the assump- 
tion that mutual utilization has been performed between 
the companies A and B. 

[0240] In step S131, the CPU 151 of the personal 
computer 141-1 acts or operates on the settlement in- 
formation corresponding to the mutual utilization that it 
has received in step S1 30 : as follows. Namely, that CPU 
1 51 , for example, accesses the server not illustrated of 
a prescribed banking system via the Internet lines, etc. 
That CPU 151 thereby executes the settlement process- 
ing through which to confirm, for example, the transfer 
with respect to the company B or the receipt from the 
company B. Similarly, in step S1 33, the CPU 151 of the 
personal computer 141 -2 operates on the settlement in- 
formation corresponding to the mutual utilization that it 
has received in step S130. That CPU 151 thereby exe- 
cutes the settlement processing through which lo con- 
firm, for example, the transfer with respect to the com- 
pany A or the receipt from the company A. 
[0241] Next, with reference to the flow chart of FIG. 
22, an explanation will be given of the settlement 
processing between the companies A and B (FIG. 19B) 
that is executed in the following case. Namely, the case 
where the log that is obtained when the terminal appa- 
ratus 1 31 -1 of the company A which is the issuer of the 
IC card 2, has been utilized using the common key K, F 
is directly transmitted to the IC card center. 
[0242] In step S141 , the control part 101 of the con- 
troller 3 of the terminal apparatus 1 31 -1 reads in the uti- 
lization log that is recorded in the RAM 42 of the reader/ 
writer 1 via the network interface 107 and the internal 
bus 1 02. The control part 1 01 then classifies that log into 
the one corresponding to the utilization performed using 
the specific key A and the one corresponding to the uti- 
lization performed using the common key K F . 
[0243] In step S142, the control part 101 of the con- 
troller 3 of the terminal apparatus 131 -1 notifies, of the 
utilization logs classified in step S141, the log corre- 
sponding to the utilization performed using the common 
key K, F to the personal computer 141-3 of the IC card 
center. This notification is made via the internal bus 1 02 
and the network interface 107. 

[0244] In step S143, the control part 101 of the con- 
troller 3 of the terminal apparatus 1 31 -1 supplies, of the 
utilization logs classified in step S141, the log corre- 
sponding to the utilization performed using the specific 
key A to the personal computer 141-1 of the company 
A. This supply is made via the internal bus 1 02 and the 
network interface 107. 

[0245] The CPU 151 of the personal computer 141-1 
has input thereto in step S144 the log corresponding to 
the utilization performed using the specific key A via the 
network interface 160, input/output interface 152, and 
internal bus 153. The CPU 151 thereby in step S145 
executes the settlement corresponding to the local uti- 
lization through the same process as in the case of the 



stepS124 of FIG. 21. 

[0246] In step S146, the CPU 151 of the personal 
computer 1 41 -3 of the IC card center has notified thereto 
via the network interface 1 60, input/output interface 1 52 , 

5 and internal bus 153 the following utilization log. Name- 
ly, the utilization log corresponding to the common key 
K lF the reader/writer 1 of the company A's terminal ap- 
paratus 131-1 has transmitted in step S142. The CPU 
1 51 of the personal computer 1 41 -3 of the IC card center 

10 receives not only the notification from the company A 
but also the notification from each enterpriser that the 
company A is contracted to. 

[0247] In step S 147 to step S153, the same pieces of 
processing as those in the steps S127 to step S133 ex- 
15 plained using FIG. 21 are executed, whereby the settle- 
ment processing is executed between the companies A 
and B. 

[0248] In the settlement system that has been ex- 
plained using FIGS. 21 and 22, only necessary informa- 

20 tion alone (i.e. the utilization log corresponding to the 
common key K IF ) is transmitted to the personal compu- 
ter 141 -3 of the IC card center. Therefore, it is unneces- 
sary that the personal computer 141-3 of the IC card 
center manages all the transactions. Namely, the per- 

25 sonal computer 141-3 of the !C card center has only to 
receive the transactions corresponding to the mutual uti- 
lization from each enterpriser and distribute the proc- 
essed results thereof to each enterpriser. Therefore, it 
is possible to mitigate the processing burden upon the 

30 ic card center. Further, the transactions corresponding 
to the specific utilization can be settled only on the side 
of the company A that is the issuer of the IC card 2. 
Therefore, the IC card 2-issuing enterpriser's system (e. 
g. the personal computer 141-1) has only to be struc- 

35 tured correspondingly to the amount of transactions that 
occur from the specific utilization. 
[0249] Next, using FIG. 23, an example wherein the 
IC card system having applied thereto the present in- 
vention is applied to the cash card of the financial insti- 

40 tution such as a bank will be explained. 

[0250] Assume for example that the common area of 
the IC card 2 issued by a bank C has registered therein 
a bank code and an account number. And assume also 
that the specific area thereof has registered therein a 

45 specific application peculiar to the bank C, personal in- 
formation, and remainder. In this case, regarding the 
bank code, account number, specific application, per- 
sonal information, and remainder, registered in the bank 
C issued IC card 2, read-out and rewrite of data arepos- 

50 sible with use of the specific key C . Namely, with respect 
to those respective items of information, read-out and 
rewrite of data (i.e. the addition and subtraction of data) 
can be performed using the specific key C registered in 
the bank C's terminal apparatus 131-3. It is to be noted 

55 that in case in the bank C's terminal apparatus access 
is had to the application in the common area by using 
the specific key C access is actually had to the applica- 
tion in the common area via the linked portion in the spe- 
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cific area. This method of accessing is the same as in 
the case explained using FIG. 16. (In the following de- 
scription, in case access is had to the application in the 
common area by using the specific key, the methods of 
accessing are all the same.) 

[0251] On the other hand, in the co-operating bank 
D's terminal apparatus 131-4, the bank code and ac- 
count numberthat are recorded in the common area can 
certainly be read in through the use of the common key 
K,p that is registered. However, that terminal apparatus 
131-4 has no accessing right with respect to the appli- 
cation registered in the specific area. Namely, the user, 
in case he uses the bank C's managed terminal appa- 
ratus 131-3, can be given the service such as payment 
from his bank account or deposit of money into his sav- 
ings account. On the other hand, in the case of utilizing 
the terminal apparatus other enterpriser (e.g. a bank D) 
manages, the user cannot be given the service such as 
payment from his bank account or deposit of money into 
his savings account. However, the user can be given the 
service corresponding to the application in the common 
area the accessing right with respect to that has been 
permitted to that other enterpriser. (That service is, for 
example, the reference-to-remainder to the for-com- 
mon-use-operation electronic value that is recorded in 
the for-common-use-operation electronic money area, 
etc. that has been explained using FIG. 6.) 
[0252] Next, using FIG. 24, an example wherein the 
IC card system having applied thereto the present in- 
vention is applied to the fare adjustment of a railroad 
company will be explained. 

[0253] Assume that, for example : the common area 
of the IC card 2 the railroad company E has issued has 
registered therein information indicating the station at 
which a passenger (user) gets on the train, the station 
at which a passenger (user) gets off the train, and an 
SF (Stored Fare). Assume also that the specific area of 
that IC card 2 has registered therein commuter-pass in- 
formation of the railroad company E. The SF represents 
the value (i.e. the thing having the same value as that 
of the currency) that has been paid or transferred to a 
prescribed financial institution, etc. beforehand as the 
fare utilizable in the co-operated railroad company. Re- 
garding the information indicating the station at which a 
passenger (user) gets on the train and the station at 
which a passenger (user) gets off the train, SF : and com- 
muter-pass information of the railroad company E, reg- 
istered in the railroad company E's issued IC card 2, ac- 
cess can be had to the relevant applications for execut- 
ing addition and subtraction processings through the 
use of the specific key E registered in the railroad com- 
pany E's terminal apparatus 131-5. 
[0254] Certainly, in the co-operated railroad company 
F's terminal apparatus, access can be had through the 
use of the common key K, F to the following applications. 
Namely, the applications for reading out and subtracting 
of the information indicating the getting-on station and 
getting-off station and SF information, that are regis- 



tered in the common area in the railroad company E's 
issued IC card 2. However, in that terminal apparatus, 
there is no accessing right with respect to the applica- 
tions registered in the specific area. In other words, in 

5 case the user has used the terminal apparatus 131-5 
that is managed by the railroad company E, he can cer- 
tainly be given the service such as purchase of the com- 
muter pass, filling of the SF, adjustment of the fare for 
the extra distance he has ridden, etc. However, in case 

10 he uses the terminal apparatus other enterpriser (e.g. 
the railroad company F) manages, he cannot be given 
the service such as purchase of the commuter pass, fill- 
ing of the SF, etc. But he can be given the service (e.g. 
adjustment of the fare for the extra distance he has rid- 

15 den) through the use of the application in the common 
area the accessing right with respect to that has been 
permitted to that other enterpriser. 
[0255] Next, using FIG. 25, an example wherein the 
IC card system having applied thereto the present in- 

20 vention is applied to an electronic-ticket service will be 
explained. 

[0256] Assume that for example the common area of 
each of the IC cards 2 having been issued by companies 
G, H, and I has registered therein the following applica- 

25 tion. The application for write therein of ticket informa- 
tion of an event such as, for example, a concert. 
[0257] Assume that for example it be possible to per- 
form the following write-in. Namely, the company G's 
managed terminal apparatus 131-7 can write ticket in- 

30 formation into the IC card 2 via the Internet lines 171 . 
The company H's managed terminal apparatus 131-8 
can write ticket information into the IC card 2 via a data- 
writing apparatus 172 installed at a station, large-sized 
store, etc. The company I's terminal apparatus 131-9 is 

35 installed at a ticket center, etc. and can write ticket in- 
formation into the IC card 2. 

[0258] And in the terminal apparatus 131-10 of an 
event operation/ run enterpriser J co-operating with 
each of said companies G, H, and I it is only possible to 

40 read out through the use of the common key K, F regis- 
tered the following ticket information. The ticket informa- 
tion recorded in the common area. However, that termi- 
nal apparatus has no accessing right with respect to the 
application regarding the write-in of the ticket infonma- 

45 tion. That is to say, in the terminal apparatus 131-1 0 of 
the event operation/run enterpriser J, It is certainly im- 
possible to issue any ticket (write ticket information into 
the IC card 2). But it is possible to read in ticket infor- 
mation registered in the common area. Therefore, it is 

so possible to confirm that the user has purchased a ticket 
of the relevant event through the use of the terminal ap- 
paratus 131-7 to 131-9. (That purchase is followed by 
the fact that the ticket information is written into the IC 
card 2 through the intermediary of the terminal appara- 

55 tus 131-7 to 131-9.) 

[0259] Next, an example wherein the IC card system 
having applied thereto the present invention is applied 
to an off-line debit service will be explained with refer- 
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ence to FIG. 26. 

[0260] For example, in the terminal apparatus 131-11 
of a co-operating store K for providing the off-line debit 
service, it can utilize through the use of the registered 
common key K IF only the following application. The ap- 
plication for executing read-in of the code number reg- 
istered in the common area and for executing subtrac- 
tion processing of the amount trusted similarly regis- 
teredtherein. That terminal apparatus 131-11 has no ac- 
cessing right to the processing in which to perform ad- 
dition with respect to the amount trusted. Here, the 
"amount trusted" is as follows. Assume that the users 
who each possess the IC card 2 include for example a 
user M, who has an ordinary account in a bank K. The 
"amount trusted" is the one wherein a prescribed 
amount of money has been transferred from the amount 
deposited in that ordinary account to a for-use-M off-line 
debit account in the same branch office of the same 
bank. The "amount trusted" is intended to permit the uti- 
lization of the off-line debit by using that "amount trust- 
ed" as the amount mortgaged. 

[0261] Through the use of the co-operating terminal 
apparatus 131-11 for providing the off-line debit service, 
the user can be given the service of the price settlement 
executed for example when he has purchased an item 
of goods. However, the user cannot be given the service 
of that an addition (transfer) is performed with respect 
to the amount trusted. And, regarding the bank L's is- 
sued IC card 2, through the use of the bank L's managed 
terminal apparatus 131-12, access can be had to the 
application for processing addition or subtraction with 
respect to the amount trusted via the specific key L. So 
the user can enjoy the service of performing addition ( 
transfer) with respect to the amount trusted through the 
use of the bank L's managed terminal apparatus 131-12. 
[0262] The adjustment of the amount of money the us- 
er has utilized through the off-line debit service is exe- 
cuted through the use of the bank L's terminal apparatus 
131-12, for example, by preparing in the specific area 
of the IC card 2 the following application. The application 
for executing a batch process that regards the settle- 
ment of the off-line debit money The user cannot buy 
an item of goods, etc. the price of that exceeds the 
amount greater than the amount trusted. Therefore, it is 
possible to prevent the overuse of the amount trusted. 
Also, it may be arranged, for example, to necessarily 
execute the batch process of the settlement at the time 
of the transfer of the amount trusted or the reference- 
to-remainder of the amount trusted. It may thereby be 
arranged to enable the execution of the batch process 
regarding the settlement of the off-line debit service 
without user's special operation. 

[0263] In the foregoing explanation, unless using the 
IC card 2 issuer's specific key, it has been impossible to 
execute the addition processing of performing addition 
with respect to the value recorded in the IC card. That 
addition processing includes the filling processing with 
respect to the for-joint-use-operation, or commonly ac- 



cessible, electronic value. (That is, access had to the 
application corresponding to the addition processing for 
executing addition with respect to the commonly acces- 
sible electronic value.) However, it may be arranged to 

5 keep a prescribed specific key stored in the EEPROM 
66 of the IC card 2 beforehand so as to achieve the fol- 
lowing end. Namely, so as to, for example, impart to a 
prescribed specific key other than the issuer's specific 
key the accessing right to the application corresponding 

10 to the addition processing for executing the commonly 
accessible electronic value. By doing so, it may be ar- 
ranged to enable the execution of the filling processing 
with respect to the commonly accessible electronic val- 
ue through the use of the issuer's permitted terminal ap- 

15 paratus managed by a prescribed manager. 

[0264] Next, the write-in process for writing into the 
electronic value through the use of the specific key other 
than the issuer's specific key will be explained with ref- 
erence to the flow chart of FIG. 27. Here, it is assumed 

20 that the issuer A of the IC card 2 co-operates with a mon- 
ey-receipt business agent B. Assume the following case 
under that assumption. The case where the accessing 
right with respect to the application for executing the fill- 
ing process for filling the commonly accessible electron- 
's ic value in the common area recorded in the EEPROM 
66 of the issuer A's issued IC card 2 be imparted before- 
hand to the following specific key B. -The specific key B 
registered in the terminal apparatus that is managed by 
the money-receipt by-proxy-execution business agent 

30 B. By this previous imparting, the filling process of the 
commonly accessible electronic value is executed 
through the use of the money-receipt by-proxy-execu- 
tion business agent B's managed terminal apparatus. 
[0265] In step S161 , the reader/writer 1 of the terminal 

35 apparatus detects, the issuer A's issued IC card 2 that 
has been mounted. The reader/writer 1 has input thereto 
from the controller the filling amount for the commonly 
accessible electronic value that the user has input using 
the input part 1 03 of the controller 3. Namely, the object- 

40 to-be-opened file is the for-joint-use-operation, or com- 
monly accessible, electronic value file, and the filling 
amount of money with respect to the commonly acces- 
sible electronic value is input to the DPU 31 via the SCC 
33 and the bus 35. 

45 [0266] The DPU 31 of the reader/writer 1 of the termi- 
nal apparatus, in step S162, performs authentication, 
with the use of the specific key B, through the execution 
of the same processing as that in step S3 of FIG. 12. In 
step S1 63, that DPU 31 determines according to the sig- 

50 nal input in step S162 from the IC card 2 whether the 
reader/writer 1 and the IC card 2 have been correctly 
authenticated each other through the use of the specific 
key B. In case it has been determined in step S1 63 that 
correct authentication has not been performed, the 

55 processing proceeds to step S169. 

[0267] Assume that it has been determined in step 
S163 that correct authentication has been performed. 
(Namely, assume a case that the IC card 2 be the issuer 
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A's issued IC card 2 the access to that based on the use 
of the specific key B is permitted.) Then, in step S164, 
the DPI) 31 of the reader/writer 1 produces the following 
control signal. The control signal for gaining the access- 
ing right with respect to the commonly accessible elec- 5 
tronic value file recorded in the common area in the 
EEPROM 66 of the IC card 2. (That control signal in- 
cludes the service code corresponding to the commonly 
accessible electronic value file). The DPU 31 then trans- 
mits that control signal to the IC card 2 via the bus 35, 10 
SPU 32, modulator circuit 23, and antenna 27. The SPU 
32 receives the response signal from the IC card 2 via 
the antenna 27 and the demodulator circuit 25, and in- 
puts the result of the response signal to the DPU 31 via 
the bus 35. 15 
[0268] In step SI 65, the DPU 31 of the reader/writer 
1 operates on the response signal that has been input 
in step S1 64 from the IC card 2. The DPU 31 determines 
according to that response signal whether the accessing 
right to the addition processing for an amount of value 20 
that can access the commonly accessible electronic val- 
ue file is permitted. In case it has been determined in 
step S165 that the accessing right is not permitted, the 
processing proceeds to step S1 69. 

[0269] In case it has been determined in step S165 2$ 
that the accessing right is permitted, the DPU 31 of the 
reader/writer 1, in step S166, produces the following 
control signal. The control signal for opening the com- 
monly accessible electronic value file in the common ar- 
ea disposed in the EEPROM 66 of the IC card 2. Then 30 
the DPU 31 transmits it to the IC card 2 along with the 
specific key B via the bus 35, SPU 32, modulator circuit 
23, and antenna 27. 

[0270] In step S167, the DPU 31 of the reader/writer 
1 acts or operates on the filling amount of money with 35 
respect to the commonly accessible electronic value 
that the user has input in step S161 by using the input 
part 103 of the controller 3. Thereby, the DPU 31 ac- 
cording to that filling amount executes filling processing 
with respect to the commonly accessible electronic val- *o 
ue. Namely, the DPU 31 produces the following control 
signal. The control signal for adding the adding amount 
of commonly accessible electronic value that has been 
input from the controller 3 to the following commonly ac- 
cessible electronic value remainder. The remainder re- <*5 
corded in the commonly accessible electronic value file 
registered in the common area of the IC card 2. The DPU 
31 then transmits that control signal to the IC card 2 via 
the bus 35, SPU 32, modulator 23, and antenna 27. 
[0271] The antenna 53 of the IC card 2 receives the 50 
control signal and supplies it to the interface part 61. 
With respect to it, there is executed a prescribed piece 
of processing through the operations of the interface 
part 61 , BPSK demodulation part 62, and calculation 
part 64. Then, to the sequencer 91 there is input an ASK 55 
modulated signal that corresponds to the control signal 
transmitted from the reader/writer 1 . According to the 
control signal that has been input to it, the sequencer 



91 alters the remainder of the commonly accessible : or 
for-joint-use-operation, electronic value that is recorded 
in the EEPROM 66. 

[0272] In step S168, the DPU 31 of the reader/writer 
1 records, as a case of utilizing the specific key B, the 
log of the processing executed in step S167 into the 
RAM 42 of the memory 34 of the reader/writer 1 . Simul- 
taneously, the DPU 31 produces a control signal for re- 
cording the processing executed in step S167 into the 
RAM 67 of the IC card 2. It then transmits it to the IC 
card 2 via the bus 35, SPU 32, modulator circuit 23. and 
antenna 27. The antenna 53 of the IC card 2 receives 
the ASK modulated signal corresponding to the control 
signal transmitted from the reader/ writer 1 , and supplies 
it to the interface part 61 . With respect to it, there is ex- 
ecuted a prescribed piece of processing through the op- 
erations of the interface part 61 , BPSK demodulation 
part 62 ; and calculation part 64. As a result of this, the 
log of the processing executed in step S167 is stored in 
the RAM 67, with the result that the process is terminat- 
ed. 

[0273] In case no correct authentication has been per- 
formed in step S1 63, or in case it has been determined 
in step S1 65 that the accessing right (the accessing right 
to the addition processing) to the file is not permitted, 
the same processing as that in step S10 of FIG. 12 is 
executed in step S1 69. The process thereby is terminat- 
ed. 

[0274] Incidentally, here, the specific key B is regis- 
tered in the issuer A's issued IC card 2 at the time of the 
co-operation. Through this registration, it has been ar- 
ranged that the filling process for filling the commonly 
accessible electronic value can be executed using the 
money-receipt by-proxy-execution business agent B's 
managed terminal apparatus. However, it is also possi- 
ble to arrange that, at the time of the co-operation, the 
issuer A of the IC card 2 supplies the specific key A to 
the money-receipt by-proxy-execution agent B, and to 
register the specific key A into the money-receipt by- 
proxy-execution agent B's managed terminal appara- 
tus. By doing so as well, it is possible to execute the 
same process. 

[0275] Next, the settlement process for price (com- 
mission) between the issuer A and the money-receipt 
by-proxy-execution agent B in the following case will be 
explained with reference to the flow chart of FIG. 28. 
Namely, the case where there has been executed the 
write-in process for performing write with respect to the 
electronic value through the use of the specific key other 
than the issuer's specific key, which write-in process is 
the one that has been explained using FIG. 27. 
[0276] In step S1 71 , the reader/writer 1 of the terminal 
apparatus (hereinafter, the terminal apparatus B) of the 
money-receipt by-proxy-execution agent B has mount- 
ed with respect thereto the issuer A's issued IC card 2. 
And the reader/writer 1 has input thereto a request for 
the following processing. The processing for filling a val- 
ue into the IC card 2 (the filling of a value such as, for 
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example, an electronic money, commonly accessible 
electronic value, or an SF). The DPU 31 of the reader/ 
writer 1 reads in from the IC card 2 that has been mount- 
ed a card ID disposed in the issuance ID block that has 
been explained using FIG. 5 : via the antenna 27, de- 
modulator circuit 25, SPU 32, and bus 35. Then, the 
DPU.31 supplies that card identification (ID) to the con- 
troller 3 via the bus 35 and the SCC 33. 
[0277] In step S172 ; the control part 101 of the con- 
troller 3 has input thereto the card ID of the IC card 2 
mounted with respect to the reader/writer 1 . via the net- 
work interface 107 and the internal bus 102. Thereby, 
the control part 1 01 produces a signal for requesting be- 
ing given a permission for executing the money-receipt 
by-proxy-execution processing with respect to the IC 
card 2. Then the control part 101 transmits that signal 
to the issuer A's managed personal computer (herein- 
after, the personal computer A) via the internal bus 1 02, 
network interface 107, and wide-band network such as 
the Internet lines not illustrated. 

[0278] The CPU 151 of the personal computer A has 
input thereto in step S173 the signal indicating the re- 
quest for being given the permission for by-proxy exe- 
cution from the terminal apparatus B via the following. 
Namely, the wide-band network such as the Internet 
lines not illustrated, network interface 160, input/output 
interface 152, and internal bus 153. In step S174, the 
CPU 1 51 transmits a signal indicating the permission for 
by-proxy execution to the terminal apparatus B via the 
following. Namely, the internal bus 153, input/output in- 
terface 152, network interface 160, the Internet lines not 
illustrated, etc. 

[0279] In step S1 75, the terminal apparatus B has in- 
put thereto the signal indicating the permission for by- 
proxy execution that the personal computer A has trans- 
mitted in step S174. Then, in step S176, the terminal 
apparatus B executes the write-in process in which 
write-in is performed using the specific key other than 
the issuer's one and which has been explained using 
FIG. 27. 

[0280] In step S177, the DPU 31 of the reader/writer 
1 of the terminal apparatus B reads out the log of the 
processing executed in step S176, which has been re- 
corded in the RAM 42 of the memory 34 in step S1 68 of 
FIG. 27. Then, the DPU 31 supplies it to the controller 
3 via the bus 35 and SCC 33. The control part 101 of 
the controller 3 has input thereto the log of the process- 
ing executed in step S1 67, via the network interface 1 07 
and internal bus 1 02. And the control part 101 transmits 
it to the personal computer A via the internal bus 102, 
network interface 1 07, wide-band network such as the 
Internet lines not illustrated, etc. 

[0281] In step S178, the CPU 151 of the personal 
computer A reads in the by-proxy-execution permission 
log that has notified in step S1 74 to the terminal appa- 
ratus B. In step S17g, the CPU 151 has input thereto 
the by-proxy-execution process that the terminal appa- 
ratus B has transmitted in step S177 via the following. 



The wide-band network such as the Internet lines not 
illustrated, network interface 160, input/output interface 
152, and internal bus 153. Thereby, the CPU 151 con- 
firms that the by-proxy-execution permission log it has 
5 read-in in step S1 78 and the by-proxy-execution log that 
has been input thereto are in coincidence with each oth- 
er. 

[0282] In step S180, the control part 101 of the con- 
troller 3 of the terminal apparatus B transmits the log of 

10 the by-proxy-execution process that has been input 
thereto in step S177, to the following. The money-re- 
ceipt by-proxy-execution agent B's managed personal 
computer (hereinafter, the personal computer B). And 
the log is transmitted thereto via the internal bus 102, 

15 network interface 107, and network such as a LAN not 
illustrated. 

[0283] In step SI 81, the CPU 151 of the personal 
computer B has input thereto the log of the by-proxy- 
execution process that the terminal apparatus B has 

20 transmitted in step S180 via the following. Namely, the 
network such as a LAN not illustrated, network interface 
160, input/output interface 152, and internal bus 153. 
The CPU 151 converts the thus-input by-proxy-execu- 
tion process log into a database, and calculates a sum 

25 total of the received amounts of money that have been 
received by-proxy-execution business (i.e. the deposit- 
ed amounts of money). 

[0284] The CPU 151 of the personal computer B, in 
step S182, calculates a by-proxy-execution commission 

30 the computer B demands of the issuer A. The CPU 151 , 
in step S183. also, subtracts that by-proxy-execution 
commission from the total deposited amount of money. 
The CPU 151 thereby calculates the resulting amount 
of money to be paid to the issuer A. The CPU 151 then 

35 transmits, in step SI 84 : the thus-calculated paid amount 
of money to the personal computer A via the following. 
Namely, the internal bus 1 53, input/output interface 1 52, 
network interface 160, and wide-band network such as 
the Internet lines not illustrated. 

40 [0285] The CPU 151 of the personal computer A, in 
step S185, operates on the log of the money-receiving 
by-proxy-execution operation that has been input in step 
S179 from the terminal apparatus B. According to that 
operation log, the CPU 151 subtracts from the total by- 

45 proxy-execution received amount of money the com- 
mission for being paid to the money-receipt by-proxy- 
execution agent B to thereby calculate the amount 
claimed with respect thereto. In step S1 86, the CPU 151 
has input thereto the paying amount of money that the 

so personal computer B has transmitted in step S184. 
Thereby, the CPU 151 confirms that the paying amount 
of money coincides with the amount claimed that has 
been calculated in step S185. In step S187, the CPU 
151 produces a signal indicating the amount it claims 

55 with respect to the money-receipt by-proxy-execution 
agent B. The CPU 151 transmits that signal to the per- 
sonal computer B via the following. Namely, the internal 
bus 153, input/output interface 152, network interface 
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1 60, wide-band network such as the Internet lines, etc. 
[0286] In step S188, the CPU 151 of the personal 
computer B has input thereto a signal indicating the 
amo unt claimed that the personal computer A has trans- 
mitted in step S187. Thereby, the CPU 151 thereof con- 
firms that the amount claimed coincides with the paying 
amount of money that it has calculated in step S1 84. In 
step S189, that CPU 151 pays the claimed amount of 
money to the issuer A through the execution of the fol- 
lowing processing. Namely, the processing executed 
with respect to the issuer A, of transmitting to the server 
not illustrated of a prescribed financial institution via, for 
example, the Internet lines a signal for transferring the 
paying amount of money into the account the issuer A 
has. 

[0287] In step S190, the CPU 151 of the issuer A's 
personal computer A accesses the server not illustrated 
of a prescribed financial institution via, for example, the 
Internet lines. Thereby, that CPU 151 confirms the re- 
ceipt of the money from the money-receipt by-proxy-ex- 
ecution agent B through the processing of, for example, 
confirming the remainder of the account the issuer A 
has. 

[0288] Also, regarding the delivery/receipt of the ac- 
cessing right explained using FIG. 9, an explanation has 
been given of the following case. Namely, the issuer A 
supplies to each of its co-operated managers B and C 
the common key K )F and the service code correspond- 
ing to the utilizable application based on the contents of 
the contract. By this supplying, the issuer A makes a 
prescribed piece of application in the common area uti- 
lizable in the manager B's or C*s managed terminal as 
well. Further, through the co-operation of the manager 
B with the manager D, part of the by-manager B-utiliz- 
abie applications can also be utilized by the manager D 
as well. Next, an explanation will be given of the follow- 
ing case by the use of FIG. 29. Namely, the case wherein 
the issuer A doesn't supply to each of its co-operated 
managers the service code based on the contents of the 
contract. Namely, in that case, with no such service code 
being supplied to each of those co-operated managers, 
they make a common possession, between themselves, 
of the applications in the common area that involves 
therein a more complex each other's relationship. 
[0289] As illustrated in FIG. 29A, the manager A en- 
codes the system key with the specific key A and sup- 
plies the encoded result to each of the managers E and 
G that are the partners that the manager A co-operates 
with. 

[0290] As illustrated in FIG. 29B, the manager E en- 
codes with the common key K, F the encoded result ob- 
tained by encoding the system key with the specific key 
A and input from the manager A. The manager E uses 
that encoded result as a first access key K E1 . Further, 
the manager E sequentially encodes the first access key 
K E1 (the encoded result obtained by encoding with the 
common key K, F ) with use of the following service keys 
#5008h, #5048h, #5088H, and #50C8h. Namely, the 



service keys corresponding to the applications the utili- 
zation of that is permitted to the manager E under the 
contents of the contract. The manager E uses the final 
encoded result as a second access key K^ 2 

5 [0291] A manager F : as illustrated in FIG. 29C, has 
input thereto from the manager E the first access key 
K E1 (the encoded result based on the use of the com- 
mon key K| F ), and encodes that first access key with the 
common key K, F . The manager F uses that encoded re- 

10 suit as a first access key K F1 . Further, the manager F 
sequentially encodes the first access key with the 
service keys #6008h and #6048h. The manager F sup- 
plies that encoded result to the manager E. The man- 
ager F sequentially causes the manager E to encode 

*5 that encoded result with the following service keys 
#5048h and #5088h. Namely, the service keys corre- 
sponding to the applications the utilization of that is per- 
mitted to the manager E under the co-operation con- 
tract. Thereafter, the manager F has supplied thereto 

20 from the manager E that encoded result, and then sup- 
plies that encoded result to the manager G. The man- 
ager F causes the manager G to encode that encoded 
result with the service key #70C8h corresponding to the 
application the utilization of that is permitted to the man- 

25 ager G under the co-operation. And the manager F has 
supplied from the manager G that encoded result, and 
uses it as a second access key Kfr 2 - 
[0292] On the other hand, as illustrated in FIG. 29D, 
the manager G encodes with the common key K, F the 

30 encoded result input from the manager A that has been 
obtained by encoding the system key with the specific 
key A. The manager G uses that encoded result as a 
first access key K^. Further, the manager G sequen- 
tially encodes the first access key with the service 

35 keys #7008h and #70C8h corresponding to the applica- 
tion the utilization of that is permitted to the manager G 
under the co-operation. The manager G then supplies 
that final encoded result to the manager encoded result 
with the service key #6048h corresponding to the appli- 

40 cation the utilization of that is permitted to the manager 
F under the co-operation. Thereafter, the manager G 
supplies to the manager E the encoded result based on 
the use of the service key #6048 the encoding of that is 
performed by the manager F. Then the manager G se- 

^5 quentially causes the manager E to encode that encod- 
ed result with the service keys #5088h and #50C8h cor- 
responding to the applications the utilization of that is 
permitted to the manager E under the co-operation. And 
the manager G has supplied thereto from the manager 

50 e that encoded result and uses it as a second access 
key Kq 2 . 

[0293] In this case, in the IC card 2, using the common 
key K, F and service key stored in its EEPROM 66, there 
is encoded the system key according to the same pro- 
55 cedure as that explained in connection with FIG. 1 1 . Re- 
sultantly, there are produced the first access key and 
the second access key. Resultantly, between each of 
the managers E, F, and G, it becomes possible to make 
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a common use, such as that illustrated In FIG. 30, of the 
application disposed in the service-definition area in the 
common area. 

[0294] Namely, data transmission/rec . rnion for per* 
mitting an accessing right to the application disposed in 
the common area is performed as explained using FIG. 
29. Resuttantly, the manager E can access each of the 
applications disposed in the service-definition areas 
#5008, #5048h, #5088h, and #50C8h. 
[0295] And, the manager F can access the service- 
definition areas #6008h and #6048h the accessing right 
to that is permitted to itself. In addition, the manager F 
can also access the service-definition area #5048h and 
#5088h with respect to that the manager E has the serv- 
ice key and also access the service-definition area 
#700C8h with respect to that the manager G has the 
service key. Similarly the manager G can access the 
service-definition areas #7008h and #70C8h with re- 
spect to that the manager G itself has the service key. 
In addition, the manager G can also access the service- 
definition area #5088h and #50C8h with respect to that 
the manager E has the service key and also access the 
service-definition area #6048h with respect to that the 
manager F has the service key. 

[0296] incidentally, in the delivery and receipt of key 
such as that illustrated in FIG. 29, it is impossible that 
the service key itself of a certain manager will be known 
by the other managers. Namely, it is impossible that the 
service keys #5008h, #5048h, #5088h, and #50C8h of 
the manager E will be known by any one of the manag- 
ers F and G. Similarly, it is impossible that the service 
keys #6008h and #6048h of the manager F will be 
known by any one of the managers E and G. Further, it 
is impossible that the service keys #7008h and #70C8h 
of the manager G will be known by any one of the man- 
agers E and F. 

[0297] The above-described series of processings 
can be executed through the use of hardware but also 
be executed through the use of software. When the se- 
ries of processings are executed through the use of soft- 
ware, the software may be installed from a recording 
medium storing the program therein into a computerthat 
has an exclusive piece of hardware in which the pro- 
gram constituting that software is incorporated or into, 
for example, a general-purpose perspnal computerthat 
enables executing various kinds of functions by having 
installed therein various kinds of programs. Or that soft- 
ware may be downloaded via communication networks 
such as cellular phone networks, the Internet, and the 
like. 

[0298] That recording medium is constructed of a 
package medium, etc. The package medium is the fol- 
lowing medium that, as illustrated in FIG. 2, 4, or 20, is 
distributed, separately from the relevant computer, in or- 
der to provide a program to the user and that has re- 
corded therein the program. Namely, the medium con- 
sists of the magnetic disk 45, 111 , or 61 (including a flop- 
py disk), the optical disk 46, 112, or 162 (including CD- 



ROM (Compact Disk-Read Only Memory), DVD (Digital 
Versatile Disk)), the magneto-optical disk 47, 113. or 
163 (including ar MD (Mini-Disk)), orthe semiconductor 
memory 48, 1^ or 164. 

5 [0299] Also, in the specification of this patent applica- 
tion, the steps that each describe the program recorded 
in the recording medium include the pieces of process- 
ing that are time-series executed in the order of the cor- 
responding described instructions. Those steps include, 

10 in addition, the pieces of processing that even when not 
time-series executed are executed in parallel or individ- 
ually separately. 

[0300] Additionally, in the specification of this patent 
application, the system represents the entire apparatus 

*5 that is constructed of a plurality of devices. 

[0301] In the data storage device and data storage 
method of the present invention, data is recorded in a 
first recording area for recording therein first data and 
first authentication information with respect to the first 

20 data and in a second recording area for recording there- 
in second data and second authentication information 
with respect to the second data; the input/output of the 
data with respect to the information-processing appara- 
tus is controlled; according to the authentication infor- 
ms mation that has been input from the information- 
processing apparatus and the first authentication infor- 
mation and second authentication information it is de- 
termined whether the transmission/reception of the first 
data and second data should be performed with respect 

30 to the information-processing apparatus; of the first data 
and second data, according to the first data and second 
data with regard to that it has been determined that the 
transmission/reception of the data should be performed 
by the data storage device with respect to the informa- 

35 tion-processing apparatus, calculation process is exe- 
cuted; third data of the first data recorded in the first re- 
cording area is recorded in association with fourth data 
of the second data recorded in the second recording ar- 
ea; and in case the information-processing apparatus 

40 performs data transmission/reception on the third data 
calculation process is executed with respect to the 
fourth data. Therefore, without excessively using the re- 
cording area, it is possible to ensure the security on the 
data that are respectively recorded in the first and the 

45 second recording area. 

[0302] In a first information-processing apparatus, 
first information -processing method, and first program 
of the present invention, there is controlled the input/ 
output of the data with respect to the data storage de- 

50 vice; there is recorded at least one authentication infor- 
mation used for performing the transmission/ reception 
of a prescribed item of data that is included in the data 
recorded in the data storage device; and in case the data 
transmission/reception of the data storage device with 

55 respect to the information-processing apparatus has 
been performed there is separately recorded informa- 
tion indicating the contents of the data transmission/re- 
ception every authentication information used for the 
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data transmission/reception. Therefore, data transmis- 
sion/reception with the data storage device can be per- 
formed, so that the transactions can be managed every 
form of authentication. 

[0303] In a second information-processing apparatus, 
second information-processing method and second 
program of the present invention, there are recorded 
first authentication and second authentication informa- 
tion that are used when the data storage device and an- 
other information-processing apparatus perform data 
transmission/reception therebetween, and code infor- 
mation defining each of a plurality of data the data stor- 
age device stores therein; there is encoded the first au- 
thentication information; and there are output to the an- 
other information-processing apparatus the first authen- 
tication information encoded, the second authentication 
information, and a prescribed item of the code informa- 
tion. Therefore, without making the first authentication 
information known, it is possible to supply to the another 
information-processing apparatus the authentication in- 
formation that is necessary for providing the commonly 
accessible service. Thereby, it is possible to realize the 
co-existence of the specific- accessible service and the 
commonly accessible service. 

[0304] In a third information-processing apparatus, 
third information-processing method, and a third pro- 
gram of the present invention, there is input the first in- 
formation that regards the data transmission/reception 
executed by a corresponding one of the other informa- 
tion-processing apparatus with respect to the data stor- 
age device; there is produced, according to the first in- 
formation that has been input, second information re- 
garding the data transmission/reception that corre- 
sponds to a plurality of the other information-processing 
apparatus ; and there is output to the corresponding oth- 
er information-processing apparatus the second infor- 
mation that has been produced. Therefore, the third in- 
formation-processing apparatus can have input thereto 
the history of use of the IC card that provides a plurality 
of services by a plurality of enterprises. Thereby, the 
third information-processing apparatus can notify the 
settlement information to a respective relevant one of 
the enterprises. 

[0305] Having described preferred embodiments' of 
the present invention with reference to the accompany- 
ing drawings, it is to be understood that the present in- 
vention is not limited to the above- mentioned embodi- 
ments and that various changes and modifications can 
be effected therein by one skilled in the art without de- 
parting from the scope of the present invention as de- 
fined in the appended claims. 

[0306] In so far as the embodiments of the invention 
described above are implemented, at least in part, using 
software-controlled data processing apparatus, it will be 
appreciated that a computer program providing such 
software control and a storage medium by which such 
a computer program is stored are envisaged as aspects 
of the present invention. 



[0307] Various further aspects and features of the 
present invention are defined in the appended claims. 
Combinations of features from the dependent claims 
may be combined with features of the independent 
5 claims as appropriate and not merely as explicitly set 
out in the claims. 



Claims 

1. A data storage device being mounted into an infor- 
mation-processing apparatus and performing data 
transmission/reception between itself and the infor- 
mation-processing apparatus, comprising: 

first memory that has a first recording area for 
recording therein first data and first authentica- 
tion information with respect to the fist data and 
that has a second recording area for recording 
therein second data and second authentication 
information with respect to the second data; 
data input/output control means that controls 
the input/ output of the data with respect to the 
information-processing apparatus; 
determination means that, according to the au- 
thentication information whose input thereto 
from the information -processing apparatus is 
controlled by the data input/output control 
means and the first authentication information 
and second authentication information, deter- 
mines whether the transmission/reception of 
the first data and second data recorded in the 
first memory should be performed with respect 
to the information-processing apparatus; and 
calculation-process execution means that exe- 
cutes calculation process according to the first 
data and second data of the first data and sec- 
ond data recorded in the first memory, which is 
determined by the determination means that 
the transmission/ reception of the data should 
be performed with respect to the information- 
processing apparatus, 

whereby the first memory causes third data of 
the first data recorded in the first recording area 
to be stored therein in association with fourth 
data of the second data recorded in the second 
recording area; and 

the calculation-process execution means, in 
case it has been determined by the determina- 
tion means that the information-processing ap- 
paratus performs data transmission/reception 
on the third data, executes calculation process 
with respect to the fourth data. 

55 2. The data storage device according to claim 1 , 
wherein 

each of the first authentication information and 
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second authentication information includes 
therein information indicating whether read- 
out, write-in, addition, or subtraction process- 
ing w::i respect to the first data and the second 
data can be executed; and 5 
the determination means determines, accord- 
ing to the authentication information input from 
the information-processing apparatus and the 
first authentication and second authentication 
information, which one of the read-out, write-in, 10 
addition, or subtraction processing included in 
the calculation processings the calculation- 
process execution means executes can be ex- 
ecuted. 

15 

3. The data storage device according to claim 1, 
wherein 

each of the first data and second data includes 

an application for providing a prescribed piece 20 

of service; 

the application is defined by a corresponding 
different code information; 
the calculation-process execution means exe- 
cutes the calculation process according to the 25 
application; and 

the determination means determines, accord- 
ing to the code information contained in the au- 
thentication information input from the informa- 
tion-processing apparatus, according to which 30 
application the calculation-processing execu- 
tion means should execute calculation process. 

4. The data storage device according to claim 1 , fur- 
ther comprising second memory that, in case the 35 
data transmission/ reception with respect to the in- 
formation-processing apparatus has been per- 
formed, records information indicating the contents 

of the data transmission/reception separately ac- 
cording to which one of the first authentication in- *o 
formation or second authentication information has 
been used for this data transmission/reception. 

5. A data storage method for a data storage device 
being mounted into an information-processing ap- *s 
paratus and performing data transmission/recep- 
tion between itself and the information-processing 
apparatus, comprising the steps of: 

a recording control step that controls the re- so 
cording of the data into a first recording area for 
recording therein first data and first authentica- 
tion information with respect to the fist data and 
a second recording area for recording therein 
second data and second authentication infor- 55 
mation with respect to the second data; 
a data input/output control step that controls the 
input/ output of the data with respect to the in- 



formation-processing apparatus; 
a determination step that, according to the au- 
thentication information whose input thereto 
from the information-processing apparatus is 
controlled by the processing of the data input/ 
output control step and the first authentication 
information and second authentication informa- 
tion, determines whether the transmission/ re- 
ception of the first data and second data the re- 
cording of that has been controlled by the 
processing of the recording control step should 
be performed with respect to the information- 
processing apparatus; and 
a calculation-process execution step that exe- 
cutes calculation process according to the first 
data and second data of the first data and sec- 
ond data the recording of that is controlled by 
the processing of the recording control step, 
which has been determined that the transmis- 
sion/reception of the data should be performed 
by the data storage device with respect to the 
information-processing apparatus by the 
processing of the determination step, 
wherein the recording control step causes third 
data of the first data recorded in the first record- 
ing area to be recorded therein in association 
with fourth data of the second data recorded in 
the second recording area; and 
the calculation-process execution step, in case 
it has been determined by the determination 
step that the information-processing apparatus 
performs data transmission/reception on the 
third data, executes calculation process with re- 
spect to the fourth data. 

6. An information-processing apparatus having 
mounted thereinto a data storage device and per- 
forming data transmission/ reception between itself 
and the data storage device, comprising: 

data input/output control means that controls 
the input/ output of the data with respect to the 
data storage device; 

first memory that records at least one authen- 
tication information used for performing the 
transmission/reception of a prescribed item of 
data thai is included in the data recorded in the 
data storage device; and 

second memory that, in case the data transmis- 
sion/reception to/from the data storage device 
has been performed, separately records infor- 
mation indicating the contents of the data trans- 
mission/reception every authentication infor- 
mation used for the data transmission/recep- 
tion. 

7. The information-processing apparatus according to 
claim 6, further comprising: 
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selection means that, among the information 
recorded in the second memory and indicating 
the contents of the data transmission/ recep- 
tion, selects information indicating the data 
transmission/ reception that has been per- 5 
formed using a prescribed authentication infor- 
mation; and 

output control means that controls the output to 
another information-processing apparatus of 
the information indicating the contents of the 10 
data transmission/reception the data of that 
has been selected by the selection means. 

8. An information-processing method for an informa- 
tion-processing apparatus having mounted therein- *5 
to a data storage device and performing data trans- 
mission/reception between itself and the data stor- 
age device, comprising the steps of: 

a data in put/output control step that controls the 20 
input/ output of the data with respect to the data 
storage device; 

a first recording control step that controls the 
recording of at least one authentication infor- 
mation that is performed for performing the 25 
transmission/reception of a prescribed item of 
data that is included in the data recorded in the 
data storage device; and 
a second recording control step that, in case 
the data transmission/reception to/from the da- 30 
ta storage device has been performed, controls 
the separate recording performed every au- 
thentication information used for the data trans- 
mission/reception, of information indicating the 
contents of the data transmission/ reception. 35 

9. A computer program for an information-processing 
apparatus that has mounted thereinto a data stor- 
age device and that performs data transmission/re- 
ception between itself and the data storage device, 40 
comprising the steps of: 

a data input/output control step that controls the 
input/ output of the data with respect to the data 
storage device; 45 
a first recording control step that controls the 
recording of at least one authentication infor- 
mation for performing the transmission/recep- 
tion of a prescribed item of data that is included 
in the data recorded in the data storage device; so 
and 

a second recording control step that, in case 
the data transmission/reception to/from the da- 
ta storage device has been performed, controls 
the separate recording performed every au- 55 
thentication information used for the data trans- 
mission/reception, of information indicating the 
contents of the data transmission/ reception. 



10. An information-processing apparatus performing 
data transmission/reception between itself and an- 
other information-processing apparatus having 
mounted thereinto a data storage device and per- 
forming data transmission/reception between itself 
and the data storage device, comprising: 

memory that records first authentication and 
second authentication information that are 
used when the data storage device and the sec- 
ond information -processing apparatus perform 
data transmission/reception therebetween, 
and code information defining each of a plural- 
ity of data stored in the data storage device; 
encoder means that encodes the first authenti- 
cation information; and 

output control means that controls the output to 
the second information-processing apparatus 
of the first authentication information encoded 
by the encoder means, the second authentica- 
tion information, and a prescribed item of the 
code information. 

11. An information-processing method for an informa- 
tion-processing apparatus performing data trans- 
mission/reception between itself and another infor- 
mation-processing apparatus having mounted 
thereinto a data storage device and performing data 
transmission/ reception between itself and the data 
storage device, comprising the steps of: 

a recording control step that controls the re- 
cording of first authentication and second au- 
thentication information that are used when the 
data storage device and the second informa- 
tion-processing apparatus perform the data 
transmission/reception therebetween, and 
code information defining each of a plurality of 
data stored in the data storage device; 
an encoding step that encodes the first authen- 
tication information; and 
an output control step that controls the output 
to the second information-processing appara- 
tus of the first authentication information en- 
coded by the processing of the encoding step, 
the second authentication information, and a 
prescribed item of the code information. 

12. A computer program for an information-processing 
apparatus performing data transmission/reception 
between itself and another information-processing 
apparatus having mounted thereinto a data storage 
device and performing data transmission/reception 
between itself and the data storage device, com- 
prising the steps of: 

a recording control step that controls the re- 
cording of first authentication and second au- 
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thentication information that are used when the 
data storage device and the second informa- 
tion-processing apparatus perform the data 
transmission/reception therebetween, and 
code information defining each of a plurality of 5 
data stored in the data storage device; 
an encoding step that encodes the first authen- 
tication information; and 
an output control step that controls the output 
to the second information-processing appara- io 
tus of the first authentication information en- 
coded by the processing of the encoding step, 
the second authentication information, and a 
prescribed item of the code information. 

75 

13. An information-processing apparatus performing 
data transmission/reception between itself and 
each of a plurality of other information-processing 
apparatus each having mounted thereinto a data 
storage device and performing data transmission/ 20 
reception between itself and the data storage de- 
vice, comprising: 



14. An information-processing method for an informa- *o 
tion-processing apparatus performing data trans- 
mission/reception between itself and each of a plu- 
rality of other information-processing apparatus 
each having mounted thereinto a data storage de- 
vice and performing data transmission/reception 45 
between itself and the data storage device, com- 
prising the steps of: 



controlled by the processing of the input control 
step: and 

an output control step that controls the output 
to the corresponding other information- 
processing apparatus, of the second informa- 
tion produced by the processing of the produc- 
tion step. 

15. A computer program for an information-processing 
apparatus performing data transmission/reception 
between itself and each of a plurality of other infor- 
mation-processing apparatus each having mount- 
ed thereinto a data storage device and performing 
data transmission/reception between itself and the 
data storage device, comprising the steps of: 

an input control step that controls the input of 
the first information that regards the data trans- 
mission/reception executed by a correspond- 
ing one of the other information-processing ap- 
paratus with respect to the data storage device; 
a production step that produces second infor- 
mation regarding the data transmission/recep- 
tion that corresponds to a plurality of the other 
information-processing apparatus, according 
to the first information the input of that has been 
controlled by the processing of the input control 
step; and 

an output control step that controls the output 
to the corresponding other information- 
processing apparatus, of the second informa- 
tion produced by the processing of the produc- 
tion step. 



input control means that controls the input of 
the first information that regards the data trans- 25 
mission/reception executed by a correspond- 
ing one of the other information-processing ap- 
paratus with respect to the data storage device; 
production means that produces second infor- 
mation regarding the data transmission/recep- 30 
tion that corresponds to a plurality of the other 
information-processing apparatus, according 
to the first information the input of that has been 
controlled by the input control means; and 
output control means that controls the output to 35 
the corresponding other information-process- 
ing apparatus, of the second information pro- 
duced by the production means. 



an input control step that controls the input of 
the first information that regards the data trans- so 
mission/reception executed by a correspond- 
ing one of the other information-processing ap- 
paratus with respect to the data storage device; 
a production step that produces second infor- 
mation regarding the data transmission/recep- 55 
tion that corresponds to a plurality of the other 
information-processing apparatus, according 
to the first information the input of that has been 
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